I am not naive about the potential vulnerabilities in AES and I never said it didn't have vulnerabilities. As a mathematician, I know all too well that a proof is only a proof until someone finds a counter example.
What I did say is that I do not believe that the NSA would be able to find a vulnerability in AES and then keep it secret while still allowing our own country to secure it's secrets with AES. I believe that the dudes at the NSA are smart enough to know that however smart they may be, there are other smart dudes out there who aren't working for the NSA and any vulnerability found by the NSA will be found, sooner or later, by others even if the NSA is able to contain internal leaks. There is a history of capturing encrypted messages and storing them for future analysis as decryption tools get better and cyphers are broken. I know that the US continued to work on WWII cyphers, decoding new messages, for decades after the end of the war. So, yeah, you have a message today in a strong cypher, will it always stay encrypted? Probably not. At a minimum, I expect AES to be able to be cracked with a combination of better techniques and revolutions in computing power like quantum computing. However, given the public status of the algorithm and the behavior of the government thus far around AES, I believe it to be a viable method for keeping things safe...for now. And that was the original charge, that the NSA could crack (or has a backdoor for) AES encryption on the files contained on these usb drives. I don't believe that they can and pointed out why. Cheers, Judah On Thu, Sep 6, 2012 at 4:16 PM, Cameron Childress <[email protected]> wrote: > > On Thu, Sep 6, 2012 at 2:09 PM, Judah McAuley <[email protected]> wrote: > >> For a bit of the math run down on cracking 128-bit AES please see: > > > I'm quite familiar with how strong AES is believed to be. It's among the > best that's out there... Today.... > > Years ago this same conversation could be had about other crypto. We've > learned from past mistakes and AES is very strong, but we may not yet have > it perfectly right. > > Things change. Never assume you know everything. There could be unknown > vulnerabilities in AES (or known to a small few). Thinking there absolutely > cannot be any vulnerabilities in AES is quite naive. Quite naive... > > -Cameron > > ... > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-community/message.cfm/messageid:354600 Subscription: http://www.houseoffusion.com/groups/cf-community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-community/unsubscribe.cfm
