Message from C, C++ talks

June 2019

— Do you have some document to show it?

— I can show you some example code

— "At present, there is no known practical attack that would allow someone without knowledge of the key to read data encrypted by AES when correctly implemented."

— According to the Snowden documents, the NSA is doing research on whether a cryptographic attack based on tau statistic may help to break AES.[28]

— "At present, there is no known practical attack that would allow someone without knowledge of the key to read data encrypted by AES when correctly implemented."
Please _read_ stuff you link

— They are doing research

— >someone without knowledge of the key

too bad that the key is defined in the ISO standard 😉

— Using any other key would make it secure

— But most implementations have the start vector

— So the key is the same for everyone?

— The start key

— Yep, why not

— You then modify the key

— But the start key is enough information to do a side-channel attack

— In October 2005, Dag Arne Osvik, Adi Shamir and Eran Tromer presented a paper demonstrating several cache-timing attacks against the implementations in AES found in OpenSSL and Linux's dm-crypt partition encryption function.[31] One attack was able to obtain an entire AES key after only 800 operations triggering encryptions, in a total of 65 milliseconds. This attack requires the attacker to be able to run programs on the same system or platform that is performing AES.
