Skip to main content

How Safe is AES Encryption? | Advanced Encryption Standard

KryptAll® uses 256-bit AES encryption to secure the calls.  We are often asked, "How secure is AES?"  To answer this question, we refer to the experts...

In the world of embedded and computer security, one of the often debated topics is whether a 128-bit symmetric key, used for AES (Advanced Encryption Standard) is computationally secure against brute-force attacks. Governments and businesses place a great deal of faith in the belief that AES is so secure that its security key can never be broken, despite some of the inherent flaws in AES.

This article describes the strength of the cryptographic system against brute force attacks with different key sizes and the time it takes to successfully mount a brute force attack factoring in future advancements in processing speeds.

Any cryptographic algorithm requires a multi-bit key to encrypt the data as shown in Figure 1 - a Multi-bit key to encrypt data using a cryptographic algorithm

The key length used in the encryption determines the practical feasibility of performing a brute-force attack, with longer keys exponentially more difficult to crack than shorter ones.

A brute-force attack involves systematically checking all possible key combinations until the correct key is found and is one way to attack when it is not possible to take advantage of other weaknesses in an encryption system.

Figure 1: Multi-bit key to encrypt data using cryptographic algorithm
Figure 1: Multi-bit key to encrypt data using a cryptographic algorithm.
Figure 2: Brute Force attack on 4-bit key
Figure 2: Brute Force attack on 4-bit key
FIGURE 3: KEY COMBINATIONS VERSUS KEY SIZE
Figure 3: Key combinations versus Key size

The key length used in the encryption determines the practical feasibility of performing a brute-force attack, with longer keys exponentially more difficult to crack than shorter ones.

A brute-force attack involves systematically checking all possible key combinations until the correct key is found and is one way to attack when it is not possible to take advantage of other weaknesses in an encryption system.

The image to the left is an example of a brute force attack on a 4-bit key.

As shown, it will take a maximum 16 rounds to check every possible key combination starting with "0000." Given sufficient time, a brute force attack is capable of cracking any known algorithm.

The following table just shows the possible number of key combinations with respect to key size:.

Notice the exponential increase in possible combinations as the key size increases. "DES" is part of a symmetric cryptographic algorithm with a key size of 56 bits that has been cracked in the past using brute force attack.

There is also a physical argument that a 128-bit symmetric key is computationally secure against brute-force attack. Just consider the following:

Faster supercomputer (as per Wikipedia): 10.51 Pentaflops = 10.51 x 1015 Flops [Flops = Floating point operations per second]
No. of Flops required per combination check: 1000 (very optimistic but just assume for now)
No. of combination checks per second = (10.51 x 1015) / 1000 = 10.51 x 1012
No. of seconds in one Year = 365 x 24 x 60 x 60 = 31536000
No. of Years to crack AES with 128-bit Key = (3.4 x 1038) / [(10.51 x 1012) x 31536000]
                = (0.323 x 1026)/31536000
                = 1.02 x 1018
                = 1 billion billion years

As shown above, even with a supercomputer, it would take 1 billion billion years to crack the 128-bit AES key using brute force attack. This is more than the age of the universe (13.75 billion years). If one were to assume that a computing system existed that could recover a DES key in a second, it would still take that same machine approximately 149 trillion years to crack a 128-bit AES key.

There are more interesting examples. The following snippet is a snapshot of one the technical papers from Seagate titled "128-bit versus 256-bit AES encryption" to explain why 128-bit AES is sufficient to meet future needs.

If you assume: 
    Every person on the planet owns 10 computers. 
    There are 7 billion people on the planet. 
    Each of these computers can test 1 billion key combinations per second.

    On average, you can crack the key after testing 50% of the possibilities.

Then the earth's population can crack one encryption key in 77,000,000,000,000,000,000,000,000 years!

The bottom line is that if AES could be compromised, the world would come to a standstill. The difference between cracking the AES-128 algorithm and AES-256 algorithm is considered minimal. Whatever breakthrough might crack 128-bit will probably also crack 256-bit.

In the end, AES has never been cracked yet and is safe against any brute force attacks contrary to belief and arguments. However, the key size used for encryption should always be large enough that it could not be cracked by modern computers despite considering advancements in processor speeds based on Moore's law.

Figure 4: Time to crack Cryptographic Key versus Key size
Figure 4: Time to crack Cryptographic Key versus Key size

K-FACTS

K-FACT: AIR AND SEA 

KryptAll® Technology can be used in the air and on the sea. - Your private jet or yacht communication can be secure!

K-FACT: DATA 

KryptAll® secure data utilizes Real-time encryption (virtually zero time in encrypting and decrypting the data) with Military-grade hardware encryption (not software embedded in a chip).

K-FACT: DATA 

KryptAll® secure data is Bootable and Bus-powered (no adapter required) and employs either SATA or SSD storage for quick response times

K-FACT: WORLD WIDE 

KryptAll® Technology will work for World-Wide Communications.

K-FACT: DATA 

The heart of KryptAll®'s data cryptographic engine is NIST (National Institute of Standards and Technology) of USA and CSE (Communications Security Establishment) of Canada certified hardware AES (Advanced Encryption Standard) algorithm and FIPS (US Federal Information Processing Standard) 140-2 Cryptographic Engine validated (FIPS Inside).

K-FACT: HARDWARE 

KryptAll® Telephones are available in Cellular i-Phone or desktop/home phone models.


KryptAll® Clients

Used by Heads of State, Fortune 500 companies, Executives, and Privacy Advocates throughout the world currently using the industry-standard encryption technology for Secure Voice and Data Communications. No other provider has a patent-pending user-initiated system that guarantees your privacy like KryptAll®!

You now have the freedom to call anyone, anywhere to any type of phone in the world from your secure KryptAll® phone! Contact Us today to find out how simple and worry-free secure communication really can be.

Used by Heads of State, Fortune 500 companies, Executives, and Privacy Advocates throughout the World

CONTACT KRYPTALL® TODAY AND FIND OUT HOW EASY IT CAN BE TO HAVE GUARANTEED PRIVACY DURING ALL YOUR CALLS.

KryptAll® Communication Security - The leader in excellence for your Secured Communication Requirements. Contact Us today to find out how simple and worry-free secure communication really can be.

KRYPTALL® Secure Cell Phone Communication Logo