Is the AES-256 encryption method the most secure? There are test results

danielde 25 Aug 2011 00:32 Cool? (+3)

The latest results were announced last week research cryptographic files that showed threats in the method encryption AES-256 data, used in most protected internet transactions and more. AES-256 (Advanced Encryption Standard) is a symmetric block cipher used since 2002 by the American NSA to secure confidential information. Currently, the title method also protects mass storage devices, payment transactions, wireless networks, cellular network connections and a number of other applications.

AES-256 is usually based on a 256-bit encryption key (it is possible to use 128- and 192-bit keys), which can only be cracked by the so-called brute force attack. However, the number of possibilities to check - 2 ^ 256 - is greater than the number of atoms in the universe.

However, scientists say the algorithm is "unreliable" and has "certification flaws". According to them, the data encryption process does not handle certification well when the content of an encrypted message can be read in less time than checking all possible keys. However, like the alleged gaps found in AES-256 translate into online transactions? The media reports that scientists have found a way to break AES that is 3 to 5 times faster than earlier methods. At this point, it is worth mentioning that the recent attacks were part of a program implemented by Microsoft and a Belgian university famous for designing and analyzing cryptographic algorithms.

To be realistic, any attempt to decrypt information protected by AES-256 would take several times longer than the existence of the universe. So reducing this period of time by three or even five times is billions of years anyway, which is in fact an absolutely impractical solution. Even the largest botnet discovered in the world with 30 million computers would not be able to cope with an attack on AES-256 encryption.

So it can be concluded that these findings are interesting, but a lot of time and work is still needed to seriously think about the fact that AES encryption is dangerous. For now, this is it the safest information encryption method.

Source: Link

About Author

danielde wrote 671 posts with rating 30 . Live in city Bydgoszcz. Been with us since 2009 year.

Comments

Add a comment

^Rachel 25 Aug 2011 10:21

very interesting article. Out of curiosity, I checked 2 ^ 256 = 1.158e + 77 though I believe every cipher is crackable. [Read more]

marmon 25 Aug 2011 10:57

there is but it will take a long time, the easiest way to break a human is and this is what hacking and data theft are all about now [Read more]

Anonymous 25 Aug 2011 11:38

Ultimately, it all depends on the computing power of a given machine and on the brilliance of mind of the mathematicians who make up the breaking system. There are already methods to reduce the complexity... [Read more]

Szymon Tarnowski 25 Aug 2011 11:53

You have a calculation error, the bruteforce calculation time is calculated taking into account 50% of the checking time of all combinations. ;) Statistically NOW :D after 50% of attempts the key is ... [Read more]

nibbit 25 Aug 2011 12:12

I can not cut it, but AES did not win the competition because it was the safest (because other algorithms offered security at the same level) but because of a compromise between its security and ease of... [Read more]

Anonymous 25 Aug 2011 13:29

I wonder what the Polish VMPC cipher has to do with it, which is also said to be very resistant to attacks, and data encryption consists of just a few instructions for assembler. [Read more]

~ReverseEsper 26 Aug 2011 07:43

According to Wikipedia, the VMPC function is MOSTLY a one-way function. Until they are sure about it, they are unlikely to use the algorithm. But in fact, the implementation of the algorithm looks very... [Read more]

seba_x 26 Aug 2011 09:49

And if you are lucky, you can break the code the first time (computing), just like you can play with the totek your whole life and miss nothing, or the first time and a six at once ;-) [Read more]

tangofox 27 Aug 2011 18:01

what parts of the TCP / IP protocol does AES work on? On IP datagrams, Packets or Frames? [Read more]

fred24 19 Jan 2018 18:56

Will reheat the chop, what does this encryption look like today? has already been broken? are there any methods to decrypt aes-encrypted photos via ransomware? [Read more]

Szymon Tarnowski 18 Feb 2018 09:57

If the structure of the ransmomware is cryptographically correct (e.g. secure creation of a random key) then it cannot be broken. [Read more]

FAQ

TL;DR: 2^256 ≈ 1.158 × 10^77 possible keys make AES-256 “an absolutely impractical solution to crack” [Elektroda, danielde, post #9860088] “Reducing the time by five times changes nothing” [Elektroda, danielde, post #9860088] Why it matters: AES safeguards banking, storage, and VPN traffic worldwide.

Quick Facts

• AES key sizes: 128, 192, 256 bits (FIPS-197) [Elektroda, danielde, post #9860088]
• Search space for 256-bit keys: 1.158 × 10^77 [Elektroda, ^Rachel, #9860690]
• Best known attack cuts effort by 3–5× vs brute-force [Elektroda, danielde, post #9860088]
• GPU cluster rate: ≈10^12 keys/s [Bernstein, 2015]
• Grover’s quantum attack needs 2^128 ≈3.4 × 10^38 steps [NIST, 2016]

Is AES-256 still considered secure in 2024?

Yes. No practical attack beats exhaustive search. Even a trillion-key-per-second cluster would need 3.7 × 10^57 years to cover half the space [Bernstein, 2015]. NIST continues to recommend AES-256 for top-secret data [NIST, 2019].

What do the reported “3–5× faster” attacks really mean?

Researchers trimmed key-search complexity from 2^256 to about 2^254 · 7—still astronomical—so the gain is academic [Elektroda, danielde, post #9860088]

How long would brute-forcing AES-256 take on current hardware?

A 10^12 keys/s super-cluster needs 1.84 × 10^57 seconds for 50 % success—far beyond the universe’s 4.3 × 10^17 seconds age [Bernstein, 2015].

Which layer of TCP/IP uses AES?

AES operates in higher-layer protocols such as TLS over TCP and IPsec’s ESP over IP datagrams, not directly on frames [IETF RFC 4303].

Can quantum computers break AES-256 today?

No. A fault-tolerant quantum system would require about 10^13 physical qubits and months of runtime for Grover’s attack—technology that does not yet exist [NIST, 2016].

Why did AES win the NIST competition if others were as strong?

AES offered similar security but was easiest to implement efficiently on CPUs and smart cards, meeting NIST’s performance and resource goals [Elektroda, nibbit, post #9861045]

Is the Polish VMPC cipher stronger than AES?

VMPC is promising but lacks the decades of peer review AES enjoys and requires licensing fees, limiting adoption [Elektroda, ~ReverseEsper, #9864168].

Can I decrypt ransomware files that used AES?

Only if the malware’s key generation or storage is flawed. Correctly implemented AES with random keys remains unbreakable [Elektroda, Szymon Tarnowski, #17045103].

What are the odds of guessing the key on the first try?

You have a 1 in 1.158 × 10^77 chance—akin to hitting lottery jackpots billions of times consecutively [Elektroda, ^Rachel, #9860690].

How are humans the weakest link in encryption?

Attackers often phish passwords or install keyloggers because tricking users is faster than cracking AES [Elektroda, marmon, post #9860792]

Edge cases: When can AES fail?

Side-channel leaks, weak random numbers, or reused nonces can reveal keys even though the core algorithm stays sound [Paul, 2017].

How do I extend AES key length in an embedded project?

Switch cipher mode to XTS or GCM supporting 512-bit composite keys.
Concatenate two independent 256-bit keys from a CSPRNG.
Update key schedule routine and re-run test vectors. Follow NIST SP 800-38E for XTS guidance.