Page 547 - StudyBook.pdf
P. 547

Basis of Cryptography • Chapter 9  531


                 TEST DAY TIP
                      You will not have to know much about the internals of any algorithms
                      for the Security+ exam, nor will you need to calculate any of the encryp-
                      tion algorithms.





                 Advanced Encryption Standard (Rijndael)

                 Because of its small key size of 56 bits, DES can’t withstand coordinated brute-
                 force attacks using modern cryptanalysis; dedicated machines can break DES within
                 a day. Consequently,The National Institute of Standards and Technology (NIST)
                 selected the Advanced Encryption Standard (AES) as the authorized Federal
                 Information Processing Standard (FIPS) 197 for all non-secret communications by
                 the U.S. government, which became effective in May 2002.AES has the following
                 important characteristics:

                      ■  Private key symmetric block cipher (similar to DES)

                      ■  Stronger and faster than 3DES
                      ■  Life expectancy of at least 20 to 30 years
                      ■  Supports key sizes of 128 bits, 192 bits, and 256 bits

                      ■  Freely available to all; royalty free, non-proprietary, and not patented
                      ■  Small footprint.AES can be used effectively in memory and in central
                         processing unit (CPU) limited environments such as Smart Cards

                    As a background note, the Rijndael algorithm (pronounced “rain doll”) was
                 selected by NIST from a group that included four other finalists: MARS, RC6,
                 Serpent, and Twofish. It was developed by Belgian cryptographers Dr. Joan Daemen
                 and Dr.Vincent Rijmen. NIST seems resistant to side-channel attacks such as power-
                 and timing-based attacks, which are attacks against a hardware implementation, not
                 against a particular algorithm. For example, power- and timing-based attacks mea-
                 sure the time it takes to encrypt a message or the minute changes in power con-
                 sumption during the encryption and decryption processes. Occasionally, these
                 attacks are sufficient enough to allow hackers to recover keys used by the device.
                    So how does AES/Rijndael work? Instead of using Feistel cycles in each round
                 like DES, Rijndael uses iterative rounds like International Data Encryption
                 Algorithm (IDEA). Data operates on 128-bit chunks, which are grouped into four



                                                                              www.syngress.com
   542   543   544   545   546   547   548   549   550   551   552