70 likes | 95 Vues
Prolog to Lecture 5 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher. Cryptographic Breaks – What Do They Mean?. Every so often, you hear about someone breaking a famous cipher What does that really mean? Is the cipher unusable? Now? Later?
E N D
Prolog to Lecture 5CS 236On-Line MS ProgramNetworks and Systems Security Peter Reiher
Cryptographic Breaks – What Do They Mean? • Every so often, you hear about someone breaking a famous cipher • What does that really mean? • Is the cipher unusable? • Now? • Later? • Is the cipher OK for some uses, but not others? • Is it a purely theoretic problem? • How do you tell?
An Example • A new attack on AES in summer 2009 • Specifically, AES-256, the 256 bit key version • Dramatically reduced the complexity of cracking an AES-encoded message • Should you stop using AES?
Let’s Look At the Details • The previous best attack on AES was brute force • For AES-256, 2255 operations, on average • This attack takes 2119 operations • Which is immensely less • But . . .
How Big is 2112? • Very, very big • Estimates of number of atoms in the universe are around 290 • So you need not be too concerned about this attack breaking your messages
So, Is the Attack Irrelevant? • Not entirely • Attacks only get better, never worse • Flaws in crypto algorithms often point the way to further flaws • So no need for concern today • But we were a lot happier with AES before the attack was discovered
Are All Crypto Attacks Like That? • No • Some totally break the algorithm • Some reduce the complexity sufficiently to cause real worry • Some limit the utility of the algorithm • You need to understand several things to assess the impact of crypto attacks