Just last week a group of cryptographers announced a practical attack on some versions of 256-bit AES encryption. This announcement initially created quite a stir in the cryptography community, before reality set in and the scope of the vulnerability was defined. The attack is quite sophisticated and represents a major step toward breaking AES. While you might think that 256-bit AES encryption is the strongest encryption you can deploy because it has the largest key, in fact, key size is only one aspect of the strength and reliability of encryption. And in this case a weakness in key handling at the 256-bit level exposed a weakness in some, but not all, versions of AES encryption.
At this point you are probably asking yourself – am I at risk?
The answer is – that depends. Is your encryption solution NIST certified as Patrick Townsend Security Solutions are, or is it an open source or proprietary solution that some programmer hacked together on their own?
The recent attack that everyone’s talking about used 256-bit AES encryption that implements 10 or less rounds (repetitive processing that transforms the input using the encryption key) during the encryption process, combined with a set of related encryption keys and known plaintext values. The good news is that NIST defines the minimum number of rounds for standard 256-bit AES encryption at 14. There is no known practical attack on 256-bit AES encryption that implements 14 rounds.
If you are using a NIST-certified AES encryption solution you can now relax (our Alliance AES encryption solutions are NIST certified on all platforms).
If you are NOT using a NIST certified solution, or if you don’t know if your solution is NIST certified, you have some work to do. First, rather than ask your vendor if they are NIST certified, you can determine if your vendor has completed NIST certification by looking at the NIST AES Validation list. A NIST AES validation is specific to the operating system and hardware platform. Be sure you find a match with your implementation. If your vendor is not on the list it’s time to pick up the phone, call your encryption vendor, and ask some questions:
• Does your implementation use 256-bit AES encryption?
• How many rounds are used, and can the number of rounds be independently verified ?
• Where did you get your implementation of AES? Which Open Source version did the developer start with?
• Is the solution NIST compliant? Can the vendor prove it? If it is not NIST certified, why not? Do they have a plan to get their solution certified?
• Can the vendor replicate the published NIST encryption results to validate that the code is working correctly?
You should get some clear answers to these questions. If your vendor experiences one of those “deer in the headlights” moments, or if the answers are not clear and simple, you may have a vulnerable version of an encryption solution on your hands. Your vendor might say something like “Well, it’s an implementation of Rijndael, so it’s Okay”. This is why independent laboratory certification from NIST is important. Some older versions of Rijndael used a smaller number of rounds, and less talented encryption programmers may not even understand what the difference is.
NIST certification is not an absolute guarantee that a security vendor has done encryption right. Nor is it a guarantee that there won’t eventually be a weakness in the encryption algorithm. But NIST does represent the very best in encryption standards and guarantees that your vendor has had some independent review of its encryption solution. Doing encryption right is important not only to guarantee that your solution is less vulnerable to attack, but also to give you the peace of mind that your data can be decrypted by you when you need it.
While this published attack on 256-bit AES will probably not pose a significant risk to your encryption strategy, it will serve as a wake-up call to many organizations that it is time to get serious about encryption vendors. Any serious vendor of encryption will take the minimum step of completing NIST certification. We all think it is a good idea for teenagers to have a driver’s license, security vendors should get NIST certified, too.
Bruce Schneier has a really good description of the attack and it is well worth reading. I really like Bruce’s view on security in general. He writes well on a wide variety of security topics and brings a nuanced view to the subject. You can sign up to get his email newsletter on his web site.
One last thought: the cryptographers who found this weakness were not up to anything bad. The study of encryption ciphers and the attempt to compromise them (called cryptanalysis) is an important part of keeping encryption secure. You REALLY should worry about using encryption that is home-grown, or out of the mainstream, because the only ones trying to find the weakness are the bad guys. And they are not going to tell you if and when they break your encryption. They are going to exploit it as much as possible and your business will suffer. Don’t wait for that to happen. Realize that the right time to take a good hard look at your encryption solution vendor is now.
I’ve known John Earl for a number of years and have always been impressed with his commitment to customers, his sense of business ethics, and his grasp of technology. John is an expert in security and has been an important figure in the IBM i community for a number of years. He understands the demands and challenges that Enterprise IT leaders face on a daily basis, and I am really glad to have him on board as the new CEO and President of Patrick Townsend Security Solutions.
John shares my commitment to keeping us independent and focusing on providing the best products available for encryption and key management. And I truly believe he is the perfect fit to help further our leadership in the Enterprise data security space.
With John assuming many of the duties that used to consume my time, I was recently able to move over to the position of CTO. This allows me most immediately to focus on the launch of our new Alliance Key Manager product. The key manager has already been successful in the partner space, and it will soon be ready for general release. We also have a number of new solutions in the pipeline that leverage our encryption and key management solutions, and my new position will allow me to focus the launch of those applications, as well.
I’m confident that Patrick Townsend Security Solutions still has its best days ahead. And John will contribute mightily to our successful future.
A wise man once said there are two ways to be a great leader. The first is to assemble a team comprised of the very best people in the field, and the second is to find an already great team and figure out how to get out in front of them.
In July Patrick Townsend asked me to stand out in front of the great team he has already assembled and join Patrick Townsend Security Solutions (PTSS) as President and CEO. I am extremely pleased to be a part of a company with the customers, employees, technology, and professional reputation that PTSS has acquired over the last 25 years.
For those of you that I have not had the pleasure to meet yet, I come to PTSS with almost 30 years experience in IT, including the last dozen years as a founder, Vice President, and Chief Technology Officer of the PowerTech Group, a company that specializes in security and compliance solutions for IBM i customers. I’m pleased to note that I have done business with many of you before and look forward to a future of mutually beneficial relations.
Patrick Townsend himself is not going anywhere – he’s still here at the same desk and the same phone number you’ve been able to reach him at for all these years. But as this company grows, Patrick recognized that he could not do all things he used to do on his own and still maintain the high quality that he demands of himself and his company. Patrick will continue to operate here as the Chief Technology Officer of PTSS and re-focus his attention on building the industry leading products that you have come to expect from us. To that end, watch this space for new product announcements from Patrick and the encryption elves in our development area who are all working hard to make your jobs easier and more secure in the months to come.
As we go forward, please feel free to reach out to me with your praise and your problems on doing business with Patrick Townsend Security Solutions. It is my aim to maintain the high standard of customer centricity that is already a part of this company’s culture, and to raise the bar so PTSS is your favorite business partner.
Securely yours,
jte