
Encryption Security May Not Be Secure Anymore (Possible AES Crack) - emilong
http://yournewswire.com/encryption-security-may-not-be-secure-anymore/
======
moyix
Seems _very_ dubious:

* As one poster mentioned, as far as I know factoring has nothing at all to do with AES.

* Mentions of it have previously been cropping up on conspiracy theory sites: [http://www.abovetopsecret.com/forum/thread1120355/pg1](http://www.abovetopsecret.com/forum/thread1120355/pg1)

* Nothing on the University of Toronto's press office page: [http://media.utoronto.ca/media-releases/](http://media.utoronto.ca/media-releases/)

* Terms like "Quadratic Curves embodied within numeric sentences such as Fibonacci Sequences, Non-Evenly Divisible Values including PI, Catalan Numbers, Mersenne Primes" set off my crank mathematics alarms pretty badly.

* ACA doesn't seem to have a section for presenting abstracts. Possibly they meant a poster? It can't be a full paper, because acceptance notification for that isn't until July 13th, 2016 ([http://www.mathematik.uni-kassel.de/ACA2016/images/poster.pd...](http://www.mathematik.uni-kassel.de/ACA2016/images/poster.pdf))

------
carey
Is there _any_ source for this that's less dodgy? Is it any different from the
known weaknesses in the key derivation for AES-256?

~~~
molecule
* > Is there any source for this that's less dodgy?*

The press-release link doesn't even go to any press release.

~~~
gandarojin
From the article:

> […] the press release has been removed and they are not responding when
> asked if they still plan to release the source code and take the abstract of
> their final paper to the conference in Kassel, Germany.

Edit: That does not mean that this story is not complete horseshit.

------
zephyrthenoble
The "press release" links to here: [http://www.mathematik.uni-
kassel.de/ACA2016/](http://www.mathematik.uni-kassel.de/ACA2016/) which is
definitely not the University of Toronto's Math or CS department page.

~~~
f_allwein
The link is to a conference in Germany, which apparently does not have all
sessions on its website yet. A conference in Germany is mentioned in the
alleged press release. On the other hand, University of Toronto does not
mention this on its press page (yet?):
[https://www.utoronto.ca/news](https://www.utoronto.ca/news)

Might be fake, but I guess the question is when, not if, this will happen.

------
dmfdmf
Setting aside if this is true or not (and my gut feeling is that it is not),
given the widespread impact of an AES or RSA crack what should one do with
such knowledge? It seems irresponsible to just publish it and let the chips
fall. On the other hand if you've spent your entire career in the field such a
breakthrough would be the ultimate achievement and would expand your career
opportunities a thousandfold and it would be very difficult to keep it to
yourself or a handful of colleagues sworn to secrecy.

------
ComputerGuru
Way too vague. It talks about the output of the AES block algorithm being
definitively non-random for certain inputs but then talks about factoring
integers which has nothing to do with symmetric transforms.

I'd (obviously) question their code, the implementations of their algorithms,
etc. instead. Also, no university I know publishes results like this instead
of in a respectable journal. If you really wanted to be fancy, you'd call a
press conference, not some dodgy PR news service.

------
bedros
Integer factoring has nothing to do with AES Crack. Are they talking about
RSA?

------
DKnoll
Here are all UofT press releases: [http://media.utoronto.ca/media-
releases/](http://media.utoronto.ca/media-releases/)

Note that this is nowhere to be seen.

------
dendisuhubdy
Can anybody confirm this?

