# AES hacking

#### Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

•  Subject
• Author
• Posted on
Hello,

I=B4m trying to get me into AES. I don=B4t know whether I understand it
right, but I think there is an input string and a key which is passed
to the encryption algorithm. Then I get back the encrypted string. To
decrypt it, I have to supply the key and the encrypted string.

Now, how do I find out the key if I have an input value, and an output
value (in fact, I can generate more and with any content)?
Are there tools or Ruby/Perl/Python/PHP snippets that let me do this?
Or, just give me some theoretical info.

Thanks!
sokrAtes

## Re: AES hacking

sokrAtes wrote:

Since AES is secure so far, your best chance to simply try all possible
keys. Since they're so many (2^keylength), this is infeasible.

Sure, it's trivial to write.

## Re: AES hacking

Can you point me to an adress where I can find information on how to
do it?
I=B4m not finding anything useful when searching with \$searchengine\$...

## Re: AES hacking

As Sebastian says, given the input and output, the only way to derive
the key is to try every single one, so what you need to do is
IMPLEMENT aes encryption, then try every key.

of course, it's going to take you until the end of the universe to do
that, so why bother starting?

S.

## Re: AES hacking

Now, what if the key is 10 chars long...
They would be  2^10 = 1024 possible keys, which is not really much to
try out.

## Re: AES hacking

sokrAtes wrote:

Excuse me, I though you meant 2^(10*ld(possible chars)), so typically this
turns out to be 2^60, which still is a lot.

## Re: AES hacking

I think AES only works at 128 bit minimum keys, so even 2^60's not
going to help...

## Re: AES hacking

SafeBoot Simon wrote:

We're talking about a reduced keyspace with an efficient key preprocessing.

## Re: AES hacking

sokrAtes schrieb:

yes 2^10 is indeed 1024, but AES works with at least 2^128 which means a
lot of cpu power. you have multiple rounds of encryption with a block
size of 128bit and a key length between 128-256bit.

you sure need a cluster or some kind of distributed network in order to
make a good brute-force attack.

are you interested in further academic research on this topic ?

Berk