New AES Attack Documented 236
avxo writes "Bruce Schneier covers a new cryptanalytic related-key attack on AES that is better than brute force with a complexity of 2^119. According to an e-mail by the authors: 'We also expect that a careful analysis may reduce the complexities. As a preliminary result, we think that the complexity of the attack on AES-256 can be lowered from 2^119 to about 2^110.5 data and time. We believe that these results may shed a new light on the design of the key-schedules of block ciphers, but they pose no immediate threat for the real world applications that use AES.'"
Furthers my stand on crypto, which is: DON'T (Score:4, Funny)
Crypto is broken. It's not IF, but WHEN. That's why crypto is pointless to use. this is why I use open source, and even keep all doors unlocked. It's pointless to try and protect propery, real or intellectual/imaginary.
Complexity. (Score:5, Funny)
For those who don't have a degree in oh-shit-that's-a-big-number, can someone give a comparative analysis of what "2^119" complexity means? I mean what else is "2^119" hard to solve? And yes, the math nerds are undoubtedly either dying of laughter or yelling at the screen for my abuse of powers of two... I don't care.
Re:Complexity. (Score:2, Funny)
Re:Complexity. (Score:3, Funny)
Note to self: never try to tell a cryptography joke.
Re:Complexity (Score:2, Funny)
... 2^137 times better is half a metric asston.
I measure algorithmic complexity in imperial asstons, you insensitive clod.
Obligatory XKCD quote (Score:5, Funny)
Security [xkcd.com]
Re:Complexity. (Score:1, Funny)
Why limit yourself to electrons? Photons man, photons - they're the new "it" particle for computation!
Re:Complexity (Score:2, Funny)
Sigh... I'll repeat again: (Score:4, Funny)
Lord Farquaad: I've tried to be fair to you creatures, now my patience has reached it's end! Tell me or I'll...
Gingerbread Man: NO! Not the buttons! Not my gumdrop buttons!
Lord Farquaad: Alright then! Who's hiding them?
Gingerbread Man: Ok. I'll tell you. Do you know... the muffin man?
Re:Complexity (Score:3, Funny)
Any attack which starts with things like "first you encrypt 2^128 carefully chosen plaintexts and store them in a hash table" isn't really an attack you should worry about.