by Russell Efird
No organization today, regardless of size or location, is immune from the continuously evolving and complex set of internal and external threats to enterprise information security. Protecting corporate data while we move and store it is an essential part of any effective governance, risk and compliance strategy. In many industries and regions it is now a matter of law. Encryption is one of the most common methods used today to achieve data security. Modern encryption technology uses sophisticated algorithms and keys to encrypt and decrypt data, often implemented as an embedded part of a software application.
Advanced Encryption System (AES) is a symmetric-key encryption algorithm leveraging block ciphers that has been widely adopted by the United States federal government as a standard along with enterprises worldwide. AES uses a common block size of 128 bits, but the cryptographic key lengths of different sizes can vary (128, 192 and 256 bits). Among other things, the length of the key determines the number of repeating round functions or transformations (10, 12 and 14 respectively) performed in the processing stage. It is a common misconception that the longer the length of the key, the more secure the overall encryption is. In reality, it is never as simple as “more bits are better.” AES at each key length has a theoretical breaking point against a brute-force attack (trying every possible key in turn until the correct key is identified) but this is absolutely impossible with current technology. The fastest computer in the world would take 1 billion billion years (our universe is only 13.8 billion years old) to break a cryptographic key. It is widely believed within cryptographic circles that a successful brute-force attack against AES will only happen through significant practical advances in quantum computing.
In addition to brute-force attacks, researchers have documented numerous theoretical cryptanalytic attacks (breaks that are faster than brute-force). These include related key attacks on AES-192 and AES-2561, other key and ‘middle’ attacks on AES-128 and the first key recovery attack on AES at all cipher lengths. The attacks on AES-256 have received particular attention, because they exploit a weakness in the design of its key schedule that is not present in AES-128 (the specification for which portions of the key get used for each round function of encryption). This has prompted Bruce Schneier, the renowned cryptographer and security technologist, to recommend against the use of AES-256 for new applications requiring data encryption2. Yet key size is not the only factor in how secure the encryption is, and the state of cryptanalysis today means there are considerations to be made for all key sizes. Ultimately, 128, 192, and 256 bit keys are not currently possible to break for all practical intents.
Aspera remains strongly committed to the embedded FASPTM security model which leverages SSHv2 with multiple cipher choices for session encryption. AES-128 is used for data encryption by default, but the core FASP source code has always included support for ciphers beyond AES-128. In a future release we will expose interfaces for customers to configure this themselves, including support for AES-192 and AES-256 for data encryption.