Are 128 and 256bit AES encryption considered weak

encryption

Are 128 and 256bit AES encryption considered weak?

I wanted to archive files and i figure i can write an app to automatically do it with winrar or 7z. Winrar uses AES-128 and 7z uses AES-256. I was wondering if that's easily breakable now that the market have quad cores? Some of these files are small like 10kb and even 4kb (maybe a few files with be <1k)

I want to backup many disc but i am nervous how easily they can be broken if someone really wanted to break it.

Best Answer

A recent AES-256 break described by Bruce Schneier in his July 30, 2009 posting,
Another New AES Attack

There are three reasons not to panic:

The attack exploits the fact that the key schedule for 256-bit version
is pretty lousy -- something we pointed out in our 2000 paper -- but doesn't extend
to AES with a 128-bit key.

It's a related-key attack, which requires the cryptanalyst to have access to
plaintexts encrypted with multiple keys that are related in a specific way.

The attack only breaks 11 rounds of AES-256. Full AES-256 has 14 rounds.

Not much comfort there, I agree. But it's what we have. Cryptography is all about safety margins. If you can break n rounds of a cipher, you design it with 2n or 3n rounds. What we're learning is that the safety margin of AES is much less than previously believed. And while there is no reason to scrap AES in favor of another algorithm, NIST should increase the number of rounds of all three AES variants. At this point, I suggest AES-128 at 16 rounds, AES-192 at 20 rounds, and AES-256 at 28 rounds. Or maybe even more; we don't want to be revising the standard again and again.

And for new applications I suggest that people don't use AES-256. AES-128 provides more than enough security margin for the forseeable future. But if you're already using AES-256, there's no reason to change.

The paper I have is still a draft. It is being circulated among cryptographers, and should be online in a couple of days. I will post the link as soon as I have it (paper ref).

_{The quote above has highlights relevant to the question and

mild typographical changes I made.

Schneier was probably typing slower then he thinks...

The original reference is linked for the purists.}

Finally, if you want to look at what some Stackoverflow users want to say about,
Is it possible to reverse engineer AES256?

Related Solutions

Ssl – How to limit SSL/TLS connections to at least 128-bit encryption

Enforcing 128-bit encryption keys via the check box is step 1 to enforcing strong SSL on your webserver, but without explicitly disabling weak encryption algorithms in the registry, clients can request to use less secure methods of encryption (while using keys that are 128-bits in length). Here is the KB for editing the registry http://support.microsoft.com/kb/245030.

However, I followed this, rescanned for vulnerabilities and found that I missed some so here is an article that better explains what to turn off: http://blog.zenone.org/2009/03/pci-compliance-disable-sslv2-and-weak.html. You will need to reboot after you are done for the changes to take effect.

SQl server 2008 permission and encryption

The following command is used to grant users rights to a certificate:

GRANT CONTROL
ON CERTIFICATE :: certificate_name
TO username

Best Answer

Related Solutions

Ssl – How to limit SSL/TLS connections to at least 128-bit encryption

SQl server 2008 permission and encryption

Related Topic