0 thoughts on “The myth of the AES back door

  1. Like the head crypto guys at the NSA are going to tell you there’s a backdoor, so you can use something else. That’s kind of like asking Jack-o if your kids had fun at Neverland.

  2. Once again:
    – AES was created by an international standards body
    – Rijndael (AES) isn’t American, its writers are Belgians
    – Rijndael (AES) is an open standard encryption algorithm

    The most important point is that AES is Open Source. Everyone in the world can get a copy and then implement it. It is exactly as if I gave you a book and then you claimed that there are secret hidden chapters. You have the book, you can read it for yourself. Same with AES, YOU HAVE THE CODE; read it yourself. You will find no backdoors and strength limited only by the password’s strength. Shoddy implementation is the only weakness.

    To Chris: you are entitled to your own opinions, but not to your own facts. Unfortunately, in this case the facts make your opinion… “weak”.

  3. Clear Thinker,

    You are absolutely wrong. AES was developed for a competition for the NSA. The NSA approved “raindoll” on the basis that they could insert a backdoor and decrypt it. You should understand that the objective of NSA is to read all information traveling over the Internet, your cell phone, and any other information device. If the NSA is pushing AES, understand that they are able to crack it!

  4. In this context, ‘back door’ is probably understood as a hard-coded weakness.
    It does NOT have to be anything like that. The NSA are very, very good, and they specialize in things like finding weakness in crypto algorithms – They are SPIES.

    I believe that, while AES is a very decent algoritm, the NSA would not be pushing it unless they knew they could break it. And keep in mind, the NSA has access to the kind of hardware that would make any decent geek cum in his pants.

    Listen too @Dr. Crypt

  5. Hey, conspiracy nuts, listen up: The algorithm is OPEN SOURCE! Like Clear Thinker said: You, and everyone one else, HAVE THE CODE. There is no back door. Read it yourselves.

    And the NSA is not “pushing” AES. They are USING it, and has certified it for specific purposes. That is not “pushing”.

    Dr. Crypt’s claims are unsubstantiated. The only basis for his claims seems to be that NSA chose AES after a competition.

  6. this is basically the myth that the NSA or any other government agency are some kind of gods and can do unwordly things.

    as it was said before: the AES algorithm isnt developed by the NSA, its opensource, so everyone can check it and its less intelligent to believe that the NSA can do better than all the most intelligent heads of the world who checked the algorithm.

    theres the tiny possibility that one guy is such a genius that he found a flaw in the algorithm that can be exploited… but that guy is most likely not employed at NSA.

    remember its all just humans. and there is only a very small percentage of humans working at NSA. and not everything can be solved by money.

    in this case its unlikely there is a serious weakness at all that can be exploited with the current level of technology. but if there actually is one… it takes another einstein to find it.

    and einstein wasnt employed at the NSA either.

  7. Well the real question comes down to whether the NSA would want to use a cryptographic method that they themselves can’t crack, not for the reason of them “pushing” it on other parties to use but more or less to ensure that their own data can be decrypted should something happen with the key infrastructure.

  8. Just because AES is open source does not mean the nsa does not have a backdoor.
    That is like saying that apache definitely has no more exploits because the code has been reviewed so many times… We may believe it, until the next bug report or 0day shows up. The NSA is not in the habit of helping people keep secrets from them, or did you think they were?
    I choose blowfish over AES.

  9. Pull up the AES code for yourself, there is PLENTY of room for undiscovered mathematical weaknesses in the algorithm. In fact it is impossible to say without a shadow of a doubt that it is completely secure, simply because the keyspace always has to be smaller than the messagespace. Otherwise we would simply use modifications of a one-time-pad instead of block ciphers. I predict in the coming decades we are going to see more and more weaknesses in the S-Boxes of AES. That is where a mathematical weakness is likely embedded.

    Use a lesser known, but still secure algorithm, like Serpent.

  10. Dont forget that if NSA cracked AES, others can do as well. It would be dangerous for them too. Still not saying that NSA didn’t crack or find a backdoor.

  11. Well, I guess the recent revelations on NSA backdoors (dual_ec_drbq) showed all the smug “sane” folks here to be the retards that they are. But they’ll never learn. It’s always the idiots that calls themselves “clear thinkers”. And I have yet to meet a jeff that’s not an imbecile.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.