Feeds

back to article Boomerang attack against AES better than blind chance

Cryptographic researchers have uncovered a chink in the armour of the widely used AES algorithm. The attacks pose no immediate threat to the security of AES, but they do illustrate a technique for extracting keys that is better than simply trying every possible key combination. Instead of such a brute force approach, the …

COMMENTS

This topic is closed for new posts.
Joke

"Cryptographic researchers have uncovered a chink in the armour of the widely used AES algorithm."

That's an incredibly offensive way to describe a Chinese hacker...

0
0
Happy

Simply brilliant

"(ironically on a page that harbors a digital certificate problem)"

Yup: ssl_error_bad_cert_domain. That's superb!

0
0
FAIL

Idiot browsers and general incomptence.

"ironically on a page that harbors a digital certificate problem"

Cryptographically it's fine, it's just created for a different site. If it's your bank you should care, otherwise - who gives a damn. You'd hope a tech blog talking about cryptographic algorithms would engage brain before reading what their IE install says, but oh well.

As for the who cares guy, cryptographic algorithm strength is measured in the time it would take the world's most powerful supercomputers to break them, as soon as you find weaknesses in them they're technically worthless. There's also a chance that this one weakness could lead to others or be a more serious problem in another algorithm - so it's not like you can put your fingers in your ears and lalalala I'm not listening!

0
0
Stop

Tinfoil Time

Of course he'd say that. It's in his best interests to protect the myth of AES.

0
0
Silver badge
WTF?

@Martin Nicholls

Did you actually read the article? Do you even know who Bruce is? You've just repeated almost word for word what he said and then are saying he's putting his fingers in his ears.

Interesting interpretation. You sir are the fail

0
0
Unhappy

GET THE FACTS BEFORE YOU TRY TO WRITE ABOUT THEM

#1MD6 has not been withdrawn. You can read that from the MD6 web page here: http://groups.csail.mit.edu/cis/md6/ :

"We are not withdrawing our submission; NIST is free to select MD6 for further consideration in the next round if it wishes."

#2 The problem with MD6 was not performance, it was instead a recognition that there was a problem in their security proofs. As stated in the website:

"But at this point MD6 doesn't meet our own standards for what we believe should be required of a SHA-3 candidate, and we suggest that NIST might do better looking elsewhere. In particular, we feel that a minimum 'ticket of admission' for SHA-3 consideration should be a proof of resistance to basic differential attacks, and we don't know how to make such a proof for a reduced-round MD6."

0
0
This topic is closed for new posts.