Syber Group
Toll Free : 855-568-TSTG(8784)
Subscribe To : Envelop Twitter Facebook Feed linkedin

AES Encryption Cracked

August 24, 2011 by  
Filed under Computing

Comments Off on AES Encryption Cracked

CRYPTOGRAPHY RESEARCHERS have identified a weakness in the Advanced Encryption Standard (AES) security algorithm that can crack secret keys faster than before.

The crack is the work of a trio of researchers at universities and Microsoft, and involved a lot of cryptanalysis – which is somewhat reassuring – and still does not present much of a real security threat.

Andrey Bogdanov, from K.U.Leuven (Katholieke Universiteit Leuven), Dmitry Khovratovich, who is full time at Microsoft Research, and Christian Rechberger at ENS Paris were the researchers.

Although there have been other attacks on the key based AES security system none have really come close, according to the researchers. But this new attack does and can be used against all versions of AES.

This is not to say that anyone is in immediate danger and, according to Bogdanov, although it is four times easier to carry out it is still something of an involved procedure.

Recovering a key is no five minute job and despite being four times easier than other methods the number of steps required to crack AES-128 is an 8 followed by 37 zeroes.

“To put this into perspective: on a trillion machines, that each could test a billion keys per second, it would take more than two billion years to recover an AES-128 key,” the Leuven University researcher added. “Because of these huge complexities, the attack has no practical implications on the security of user data.” Andrey Bogdanov told The INQUIRER that a “practical” AES crack is still far off but added that the work uncovered more about the standard than was known before.

“Indeed, we are even not close to a practical break of AES at the moment. However, our results do shed some light into the internal structure of AES and indicate where some limits of the AES design are,” he said.

He added that the advance is still significant, and is a notable progression over other work in the area.

“The result is the first theoretical break of the Advanced Encryption Standard – the de facto worldwide encryption standard,” he explained. “Cryptologists have been working hard on this challenge but with only limited progress so far: 7 out of 10 for AES-128 as well as 8 out of 12 for AES-192 and 8 out of 14 rounds for AES-256 were previously attacked. So our attack is the first result on the full AES algorithm.”

Read More…

‘Ransomware’ Malware Threats Increasing

February 13, 2011 by  
Filed under Computing

Comments Off on ‘Ransomware’ Malware Threats Increasing

A particularly nasty type of attack named”ransomware” is on the rise, with antivirus vendor Symantec seeing at least three new variants appearing in recent months. Such attacks often use viruses to not only steal a person’s sensitive or financial information, but also to disable hard drives and demand money to restore them.

“Threats that use extortion can be some of the most aggressive and, in some cases, offensive viruses encountered,” said Symantec security researcher Gavin O Gorman in a blog post.

Unfortunately for computer owners, attackers continue increase the sophistication levels of their ransomware. For example, GPCoder.G, which first appeared in November 2010, is a small (only 11 kilobytes ) piece of malware which, if executed, searches a hard drive for files with specific extensions, relating to everything from videos and Microsoft Office files to images and music. It then encrypts the first half of all files found, using a symmetric RSA encryption algorithm and a random key. The random, private key is then encrypted using a public key. “Without the private key from this key pair, it is not possible to obtain the symmetric key in order to decrypt the files,” said O Gorman.

To get the private key, the ransomware victim must forward the encrypted symmetric key to attackers, who decrypt and return it. Unfortunately, aside from restoring the encrypted files from a backup, “there is no way to bypass this technique,” he said.   Read More….