In private key encryption, the sender and receiver use the same key to encrypt and decrypt the message being sent. This requires both parties to hold the secret key, which becomes a problem when the people communicating are far apart. Since this secret key can be used both to encrypt and to decrypt the message, the people using it must have transferred the key from one person to the other securely, without anyone intercepting it. The most common form of private key cryptography used today is AES (Advanced Encryption Standard), which replaced its predecessor, DES (Data Encryption Standard). The U.S. government has recently stated that AES provides enough security to encrypt classified and top secret information.
One reason the government finds AES secure enough to protect its data is its large key sizes. The larger the key used to encrypt the data, the longer it takes for someone to find that key. Finding an encryption key by testing every combination of values allowed in the key is called a brute force attack, and it is theoretically impossible with the larger key sizes used in encryption today. When DES was first implemented, it used a 56-bit encryption key. This meant that an attacker would need to guess among 2^56 combinations, since each bit can be either 1 or 0 and there are 56 different bits. At the time this seemed improbable, but the 56-bit key became more and more crackable as computer processing power increased.
Since DES was quickly becoming outdated, AES was created to take its place. AES is much more sophisticated, offering a choice of 128-bit, 192-bit, or 256-bit encryption keys. To show how secure these keys are, a contest was created that rewarded anyone able to crack these encryption keys with a cash prize. A worldwide network of computer users and groups operating through the website distributed.net has been the most successful at cracking these keys. In 1997, the group broke the 56-bit encryption key in 250 days (one year later it was broken in 22 hours). In 2002, the group managed to crack the 64-bit key after working for almost 5 years. When you consider how much longer it took to crack a key that was only 8 bits larger, it is easy to see how a 256-bit encryption key is theoretically impossible to crack.
To give another example of how hard a 256-bit key is to crack, cryptologist Burt Kaliski came up with this analogy: imagine a computer the size of a grain of sand, capable of calculating encryption keys at the speed of light. Now create a network of these computers covering the earth to a height of one meter. This network of computers would be able to crack a 128-bit encryption key in roughly 1000 years. At the current time, it would take two planets full of computers to brute force a 256-bit key. Since brute force cracks are theoretically impossible, attackers have turned to other methods of intercepting or corrupting data. Many of these techniques involve social engineering and side-channel attacks.
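As an added worked example (not code from the original post), here is the scaling argument above carried through in Python: the 1998 result of 22 hours for a 56-bit DES key is taken as a worst-case search of all 2^56 keys to derive a key-testing rate, and the 18-month doubling period used for the final projection is an assumption, not a figure from the post.

```python
# Added worked example: how brute-force cost grows with key size, calibrated
# to the figures quoted in the post. Assumptions: the 22-hour DES crack is
# treated as a full search of 2**56 keys, and compute power is assumed to
# double every 18 months for the projection at the end.
import math

SECONDS_PER_YEAR = 365 * 24 * 3600


def key_space(key_bits: int) -> int:
    """Each bit is 0 or 1, so a k-bit key has 2**k candidate values."""
    return 1 << key_bits


def rate_from_crack(key_bits: int, seconds: float) -> float:
    """Keys per second implied by searching the whole k-bit space in `seconds`."""
    return key_space(key_bits) / seconds


def expected_years(key_bits: int, keys_per_second: float) -> float:
    """Average time to find a key: a search succeeds after half the key space."""
    return key_space(key_bits) / 2 / keys_per_second / SECONDS_PER_YEAR


def cost_factor(extra_bits: int) -> int:
    """Every extra key bit doubles the work, so 8 extra bits means 256x."""
    return 1 << extra_bits


def years_until_feasible(key_bits: int, keys_per_second: float,
                         budget_years: float = 1.0,
                         doubling_months: float = 18.0) -> float:
    """Years of (assumed) compute growth before an average search fits the budget."""
    needed_speedup = expected_years(key_bits, keys_per_second) / budget_years
    if needed_speedup <= 1:
        return 0.0
    return math.log2(needed_speedup) * doubling_months / 12


if __name__ == "__main__":
    rate = rate_from_crack(56, 22 * 3600)  # 1998: 56-bit key found in 22 hours
    for bits in (56, 64, 128, 256):
        print(f"{bits:3d}-bit key: {expected_years(bits, rate):.3g} years on average")
    print(f"64-bit vs 56-bit: {cost_factor(8)}x the work")
    growth = years_until_feasible(128, rate)
    print(f"128-bit key searchable in a year after ~{growth:.0f} years of doubling")
```

At the 1998 rate a 128-bit key averages around 6e18 years, and even steady doubling of compute power takes over 90 years to bring that down to a single year; the 256-bit case is larger by a further factor of 2^128.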