Cryptographers have found a new chink in the widely used AES encryption standard that suggests the safety margin of its most powerful cipher is not as high as previously thought. In a soon-to-be-published paper, researchers Alex Biryukov, Orr Dunkelman, Nathan Keller, Dmitry Khovratovich, and Adi Shamir show that the 256-bit version of AES is susceptible to several so-called related-key attacks that significantly diminish the amount of time it takes to guess a key. One technique against the 11-round version of the cipher can be completed in 270 operations, an improvement that cryptographer Bruce Schneier says was strong enough to be "almost practical."
