Thursday, March 22, 2012

Can the NSA Break AES?

NSA expert James Bamford wrote this in Wired, The NSA Is Building the Country's Biggest Spy Center (Watch What You Say). It's long and currently in my Instapaper queue.

Bruce Schneier pulls an interesting paragraph from it and asks, Can the NSA Break AES?

"In an excellent article in Wired, James Bamford talks about the NSA's codebreaking capability.

According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. The upshot, according to this official: "Everybody's a target; everybody with communication is a target."


"Reading the above, the obvious question to ask is: can the NSA break AES? My guess is that they can't."

He goes on to say he doubts a direct attack against the algorithm but suspects they might have a side attack against computer encryption systems (keys, endpoints, etc.). He added an update speculating: " Another option is that the NSA has built dedicated hardware capable of factoring 1024-bit numbers." Given the number of open source rainbow table projects I see, I wouldn't be surprised by such an approach.

No comments: