Boffins from Microsoft and the Katholieke Universiteit Leuven in Belgium have cracked the Advanced Encryption Standard (AES), the encryption algorithm.
AES is used to secure most all online transactions and wireless communications so breaking the system is bad news for anything dependant on it.
Their method can recover an AES secret key from three to five times faster than previously thought possible and do not need to assume related-keys.
“Most of our attacks only need a very small part of the codebook and have small memory requirements, and are practically verified to a large extent. As our attacks are of high computational complexity, they do not threaten the practical use of AES in any way,” the report said.
According to a press release from Vole, the attack is tricky using existing technologies and would take billions of years of computer time to break the AES algorithm. However it does make it do-able in terms of computer research and could be the beginning of the end of the AES standard.
It means that seemingly secure encryption method could be easily broken by tomorrow’s faster computers, or by new techniques.
The US National Institute of Standards and Technology agency which commissioned AES in 2001 pointed out, the “safety margin” of AES continues to erode.
Though unwieldy to execute, the attack can be applied to all versions of AES if you have a spare million years or so.
Apparently the creators of AES, Joan Daemen and Vincent Rijmen have acknowledged the validity of the attack.
*Update Thanks, readers!