AES128 vs AES256 using bruteforce

StackOverflow https://stackoverflow.com/questions/18847580

Question

I came across this:

Key combinations versus Key size

I don't understand how AES128 is stronger than AES256 in a brute force attack, or how AES256 allows for more combinations than AES128.

These are my simplified premises - assuming I have 100 unique characters on my keyboard, and my ideal password length is 10 characters - there would be 100^10 (or 1x10^20) combinations for brute force attack to decry-pt a given cipher text.

In that case, whether or not AES128 or AES256 is applied doesn't make a difference - please correct me.

Was it helpful?

Solution

Yes, you are correct (in that a weak password will negate the difference between AES128 and AES256 and make bruteforcing as complex as the password is). But this applies only to the case when the password is the only source for key generation.

In normal use, AES keys are generated by a "truly" random source and never by a simple pseudorandom generator (like C++ rand());

AES256 is "more secure" than AES128 because it has 256-bit key - that means 2^256 possible keys to bruteforce, as opposed to 2^128 (AES128). The numbers of possible keys are shown in your table as "combinations".

Personally, I use KeePass and passwords of 20 symbols and above. Using 20-symbol password composed of small+capital letters (26+26), digits (10) and special symbols (around 20) gives (26+26+10+20)^20 = 1.89*10^38 possible combinations - comparable to an AES128 key.

OTHER TIPS

how AES128 is stronger than AES256 in a brute force attack

AES does multiple rounds of transforming each chunk of data, and it uses different portions of the key in these different rounds. The specification for which portions of the key get used when is called the key schedule. The key schedule for 256-bit keys is not as well designed as the key schedule for 128-bit keys. And in recent years there has been substantial progress in turning those design problems into potential attacks on AES 256.This is the basis for advice on key choice.

how AES256 allows for more combinations than AES128

AES256 uses 256 bits, giving you the permissible combination of aroung 2^256, while in case of 128, its 2^128.

These are my simplified premises - assuming I have 100 unique characters on my keyboard, and my ideal password length is 10 characters - there would be 100^10 (or 1x10^20) combinations for brute force attack to decry-pt a given cipher text.

I am not quite sure what your understanding is, but when you say applying AES128/AES256, you actually encrypt your password into a cipher text.It is encoded information because it contains a form of the original plaintext that is unreadable by a human. It won't just use all the 100unique characters from your keyboard. It uses more than that. So, if you want to get the original password, you must find the key with which it is encrypted. And that gives you the combination figures 2^128 ans 2^256.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top