A new cryptanalytic attack against AES encryption has been published by Alex Biryukov and Dmitry Khovratovich of the University of Luxembourg. The attack, “Related-key Cryptanalysis of the Full AES-192 and AES-256″, is better than a brute force attack against AES keys.

The complexity of the attack in both time and space is 2¹¹⁹. This is far beyond the capabilities of current or forseen computation, and so this attack is still a theoretical one.

Instead of trying to crack AES keys, it’s far easier and more practical in a real-world sense to do brute force password guessing against a software AES implementation that cannot prevent brute force password guessing. That is why IronKey secure USB flash drives implement brute force password guessing prevention in hardware, which cannot be defeated or reset.

This entry was posted

on Monday, July 6th, 2009 at 9:42 pm and is filed under IronKey, Security.
You can follow any responses to this entry through the RSS 2.0 feed.

You can leave a response, or trackback from your own site.