Can AES-256 be broken?

Discussion in 'privacy technology' started by truthseeker, Jun 14, 2008.

Thread Status:
Not open for further replies.
  1. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    I am using 7z to create archives and to encrypt them.

    http://www.7-zip.org/

    7z uses AES-256 password encryption.

    But I have seen some 7z password recovery programs on the internet.

    Does this mean someone can crack or break my 7z AES-256 encrypted files?

    I am using a non-dictionary password that is 14 characters long.

    How long would it take, using the latest PC's, a brute-force attack on my 7z AES-256 archives to find and crack the password?
     
  2. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma
    you would have to have something awfully important in your files for someone to want to break your encryption. but almost any encryption can be broken if the person trying to break it wants it bad enough and has a bit of knowledge and a lot of time. But for a home computer you should be safe enough.
     
  3. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Ok, I will put your comments to the test.

    I will send you a simple text file encrypted with AES-256. Within the text file there is a simple text word. Then write back to me and tell me what that word is that I wrote in the text file. If you can do that, then I will believe your comments above and you will have proven your comments to be true, and you will have proven that you have cracked my AEA-256 encrypted file.

    What is your email address, or how can I send you this 7z AES-256 encrypted file so you can break it and prove it can be done?

    If you are not willing to prove your comments, and not even willing to try to break my encrypted file, then I will consider your comments void and not based on any valid foundation, and just empty words.
     
  4. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    Sorry but this post makes me chuckle. Bigc does not have the computing power to brute force the program. National security agencies may have very expensive (in the order of millions, possibly billions of dollars) hard coded machines to brute force if they need to.

    Another alternative is to look for implementation flaws in 7z's handling of the crypto. Maybe 7z hasn't deleted your local copy so someone with access to your computer may be able to recover it etc.
     
  5. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma
    I will agree that AES-256 is a very very secure encryption. And even if I had any interest in breaking your encryption I do not have the tools to do so. If you feel secure in useing it that is a great thing and you should keep useing it. And I don't have to prove myself to you or anyone else, You posted a question and I replied. If you don't like my answer then Ignore it. But when you ask a question and then question and challenge the answer some one gives you it sounds more like you were not asking a question but you were looking for someone to post what you wanted to hear instead.
     
  6. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Last time I checked, AES was still unbreakable, but there's no need to be so harsh on bigc.

    I believe a brute force attack could theoretically succeed, providing the attacker knows the amount of characters on the password. But how long would that take? Let's see.

    *PLEASE SOMEONE CORRECT ME IF I'M WRONG HERE*

    You say you have a 14 chars password. Lets say you password is strictly alphanumeric. So there are 26 letters + 26 capital letters + 10 digits.
    That's 62 possible characters. The amount of combinations would be:
    62^14, or:

    12401769434657526912139264

    Lets assume that the brute force lats attempt is your password. I don't know how long it takes for a password cracker to generate and try a single combination. If that time is 1 second, the password would be cracked in 393257529003599914.768 YEARS. I think that your data is really safe, even if it takes a millionth of a second to generate and try the combination.

    (For 1/1,000,000 of a second: 393257529003.59 YEARS - THAT'S 26 TIMES THE AGE OF THE UNIVERSE)

    Now imaging NOT KNOWING the amount of characters...o_O o_O o_O o_O


    *AGAIN, PLEASE SOMEONE WITH MORE KNOWLEDGE CORRECT ME IF I'M WRONG*
     
  7. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma
    You are probably close in the time span. And in my post I did mention that they would have to have a lot of time :D
     
  8. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    Only the one time pad is theoretically unbreakable. However it is practically impossible to implement.

    AES is breakable by brute force, but is considered secure as there is no publicly known cryptanalytic methods that can break it faster than brute forcing.

    The speculation is that the NSA, MI6 <insert some other national security agency> may have either 1) very very expensive machines that can brute force in a 'reasonable' amount of time (i.e. before the end of the universe) or knows a way attaching the AES cipher itself to making it easier to crack than just brute forcing.

    Haha I think you need to be clearer with 'lot of time' :p.
     
  9. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    So are you saying that National security agencies can do a brute force on a AES-256 encrypted file and decrypt it in this lifetime? If so, what data or sources from any National security agency do you have that backs this up?

    By the way, once 7z encrypts my file, I use Eraser from heidi to wipe it using US DoD 7 wipes.
     
  10. malwaretesting

    malwaretesting Registered Member

    Joined:
    May 17, 2008
    Posts:
    77
    I don't think there's any credible speculation that any agency can break a properly implemented AES. There are no known cryptanalytic attacks, and actually bruteforcing AES-256 is probably beyond human capabilities within any of our lifetimes. Let's assume that 56 bit DES can be bruteforced in 1 sec, which is a ridiculous assumption to begin with. Then AES-256 would take 2^200 seconds, which is 5 x 10^52 years. So, you can see that without any known weakness in AES, it would be a total impossibility within any of our lifetimes, even with quantum computing. Our sun will explode, approximately 5 billion years from now, before we obtain enough computing power to bruteforce AES-256 without a known weakness. IF a weakness in AES is never found, there is absolutely no reason to ever look for another cipher besides AES. It will suffice for as long as humans occupy the planet.

    Your password is a different story. I cannot comment on how strong it is without more information. But needless to say, it will have far less then 256 bits of entropy. So that may be your weakest link. I also cannot comment on the implementation of AES in 7-zip. As well, your likely weakest link is going to be any plaintext information you have stored on your operating system.
     
  11. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    I was genuinely asking, it's a very interesting topic for me. Thanks anyway for trying to help.
     
    Last edited: Jun 14, 2008
  12. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    I was not being hard on bigc. I simply put a challenge out to him to backup his comments. Nothing wrong with that. Nothing I said upset bigc, but the challenge to prove and backup his comments seems to have upset him.

    A person has the right to put out a challenge to anyone making claims such as bigc did, and there's nothing wrong with challenging someone to backup their claims.
     
    Last edited: Jun 14, 2008
  13. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Yes you did, so in all fairness to you bigc, you did say "A LOT OF TIME", which can mean 1 billion years, so sorry if I came across pushy, but I was only putting out a challenge :)
     
  14. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma
    not a problem big guy. Life is to short to get upset for very long;)
     
  15. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Thank you for this message. It answered my original thoughts and was very informative. Thanks again.
     
  16. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Do you have any solid data to support that? LOL (only joking)

    Yes, I agree. I live by this saying "Life is too short to worry about everything"

    I have never seen a dead person in their graves sit up and say "damn, I should have worried more in my short life on Earth"
     
  17. malwaretesting

    malwaretesting Registered Member

    Joined:
    May 17, 2008
    Posts:
    77
    With 62 potential characters, the amount of entropy that a completely random 14 character password would achieve is about 83 bits of entropy, which is far less than the 256 bits provided by AES-256, but still probably sufficient for all but the most well-funded attackers. But consider that most people will not generate a truly random password. So, you have to figure he has substantially less than 83 bits. Plus, factor in any operating system leaks due to an inexperienced user.

    So, it's not the AES that's the limiting factor. It's the user.
     
  18. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    My password contains letters, numbers and even a space. So I think it's a good long password. I hope so anyway. I use encryption to encrypt a text file I have on my laptop that contains all my banking details and bank pin numbers etc, so that is why I have been asking as I have to make certain that it cannot be broken by someone in case my laptop is ever stolen etc.

    Thanks everyone who contributed to answering me. I am now happy and satisified with peace of mind that I can continue to use 7z and its built-in AES 256 encryption feature. I am confident that if anyone got a hold off my laptop that they cannot access that text file. I am especially talking about the average person who would not have access to the latest most powerful processors and tools anyway to crack it.
     
  19. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    According to the Help file provided with WinZip Pro 11.2, . . .

     
  20. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    1,034
    Location:
    Hawaii
    I hope you realize that every time you open one of your encrypted files it's written to a temp folder as plaintext. This is the major weakness of all zip encryption. So keep on wiping! Or choose a method of encryption that doesn't writes plaintext to disk.
     
  21. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Just remember, it also depends on the correct implementation of AES by 7-zip.
    Sometimes this is the weakest link.

    (PS: I have my bank passwords and pins encrypted with a 144 bits diceword password. I hope it's enough. And I hope that Keepass has a correct implementation, altough I believe it doesn't use AES)
     
  22. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    What temp folder?
     
  23. malwaretesting

    malwaretesting Registered Member

    Joined:
    May 17, 2008
    Posts:
    77
    Assuming 62 possible character and a completely random password, then you would need about 43 characters for AES-256 and about 21/22 characters for AES-128. But, under the assumption that most people cannot choose or remember a completely random password, then 64 and 32 characters respectively would provide a good safety margin.
     
  24. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    So I need to have a password that is 64 characters instead of my 14?

    What does this mean now for my 14 character password? It be can broken in a very short time?
     
  25. malwaretesting

    malwaretesting Registered Member

    Joined:
    May 17, 2008
    Posts:
    77
    Like I said before, a 14 character, truly random password (~83 bits of entropy) would be sufficient to protect against all but the most determined attackers. And even then, they would probably need at least a year to break it. Consider that your password probably isn't truly random, but, if it's close, it should be sufficient.

    If your enemy is the NSA, then you might be in trouble. If it's just some random hacker, don't worry about your password. It should be more than sufficient. Focus more on any potential leaks in 7-zip or your operating system.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.