There is no shortage of news about increases in the number of cyber attacks, and given how frequent “hacks” are, many of us find ourselves wondering whether anything online is secure. Is my bank account safe? Are all of my private messages accessible by anybody with the right technical knowledge? It’s a legitimate question!
Let’s see how this issue is addressed by those who (supposedly) enforce the highest degree of security in the use of internet communication:
The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths. The implementation of AES in products intended to protect national security systems and/or information must be reviewed and certified by NSA prior to their acquisition and use.
The US government had determined that the encryption algorithm (i.e. method) called AES 256 is safe for transmission of top secret information – hence the reason why it has been labelled “military grade”. Taking together the varying forms and security levels of this algorithm, AES is potentially the most widely used form of online encryption today.
How did the NIST (National Institute of Standards and Technology) make this decision? It reviewed 15 competing designs and decided that AES was the most suitable. Cryptography is a delicate balancing act between security and efficiency: a much more secure encryption method can prove too slow for practical use.
So where exactly do the vulnerabilities of AES lie? Let’s take a look! To begin, the following observation will be helpful:
Whether using computers or paper, cryptography is the same:
Today’s digital encryption is conceptually no different from that which is used in the past, although it is more mathematically advanced. Cryptography has a long history: even Julius Caesar used encryption in his messages! Fundamentally, the question is the following: if I want to send a private message to another person, how do I prevent it from being readable if someone ends up intercepting it?
Keeping this in mind is actually very helpful, because reading elsewhere you may come across a lot of distracting terminology and technical details, which make things appear more complex than they really are.
The one thing that has changed with digital cryptography is that we can test the behavior of the encryption system. In the pen and paper days, if you came across one letter with gibberish written all over it, then the message would remain a mystery (and in some cases exercise the minds of some very bright people for more than a century). With encryption of digital messages, however, we can feed the “black box” input messages, and see how it encrypts them. A hack consists in feeding cleverly chosen messages to the encryption system, in a way to tease out its secret mathematical structure. Once this is discovered, this allows the attacker to generate the “keys” and therefore read the encrypted data.
Related Key Attack: Finding the Weakest Link
In 2009, less than a decade after NIST approved AES, some cryptographic researchers showed that the algorithm was significantly less secure than understood previously. How did they accomplish this? If we are to represent AES visually, it is a lot like a Rubik’s cube. Imagine that your private message was printed on a giant Rubik’s cube, which you then twisted and turned in order to scramble the message to make it unreadable.
Now, the basic rule of cryptography is that everyone knows the overall encryption method. It is the keys that are secret. Even if the rules of encryption are known, they are applied in conjunction with keys only known to the concerned parties.
Let’s go back to the Rubik’s cube example. If everyone knows that the cube is resolved in 10 steps, and that each steps involves re-arrangement of a specific row or column, then you need to add some more rules for secrecy. The rules would be coded on an additional secret chart, only known to you and the receiver (this is the subkey). So you could say, for example, that the first shift involves twisting the 35th row of the cube by a number of times indicated in a specific place on the secret chart.
Basically, in addition to the publicly known rules, AES will involve such “secret charts” (subkeys) at each step of encryption. If you can find one, you can gradually infer the others, and end up with the overall key. The researchers discovered a design flaw in AES, which was a strong relationship between the subkeys, which simplified the infeasible calculation of the entire key to one of the subkeys.
In cryptography, we want to make any encrypted message appear as complete gibberish, or technically speaking, completely random. Any pattern revealed in encrypted messages is very bad news, as it allows to gain information about one of the subkeys. By working from patterns in encrypted messages, the researchers could work their way up to one of the subkeys, and from there to the main key.
Differential Power Analysis: The Chink in the Armor
Until now we viewed encryption as an abstract mathematical problem. However, in the real world we are dealing with physical machines, which among other things consume power. The power consumption of the processors running the encryption algorithm provide the attacker with information about the underlying calculations.
In this instance, the hack is far less sophisticated mathematically. All that is necessary is to guess subkey values, and observe how the processor’s power consumption varies. Obtaining the key becomes a fairly straightforward guessing game!
In this case, there is no need to run very high amounts of calculations. This process is known more broadly as Van Eck phreaking, and even the mighty AES 256 can be hacked with some cheap and readily available hardware (for only 200 Euros!). The ease and cheapness of the attack demonstrates that sloppiness in cyber-security will lead to apparently effective solutions being easily neutralized by a well-informed attacker.
Attacks always get better – they never get worse
The related-key attack above is not effective against all versions of AES. This does not mean there is no cause for concern, however, as per the title of this paragraph. If simpler versions of an encryption method are able to be breached, then the more advanced versions are at risk. It is enough for somebody to come up with a few more good ideas and the system is no longer secure!
To this effect, the possible appearance of quantum computing is one such threat to current types of cryptography. Just like 20 years ago, NIST is holding a contest for post quantum encryption, where it will decide on the encryption algorithm that will succeed AES.