7 November 2010
State Department Warns Against AES Crypto
Passport security --DONT USE AES FOR SENSITIVE COMMS (why is that?)
"The Bureau of Information Resource Management's Radio Programs Branch (IRM/OPS/ITI/LWS/RPB) provides all overseas missions two-way radios equipped with Digital Encryption Standard (DES) or Advance Encryption Standard (AES). These encryption algorithms provide limited protection from unauthorized interception of voice communications and are only approved for the transmission of Department of State Sensitive But Unclassified (SBU) and Department of Defense For Official Use Only (FOUO) communications. Under no circumstances should DES- or AES-equipped radios be used for the transmission of classified information, as defined by Executive Order 12958."
It should be noted that AES was never intended to protect classified information.
"The National Institute of Standards and Technology (NIST) has been working with the international cryptographic community to develop an Advanced Encryption Standard (AES). The overall goal is to develop a Federal Information Processing Standard (FIPS) that specifies an encryption algorithm capable of protecting sensitive (unclassified) government information well into the twenty-first century."
A. is just giving proof that the government is incompetent.
AES with 192 and 256 bit key lengths is allowable for TOP SECRET NSI.
It is possible that they know of some vulnerability in the IMPLEMENTATION of AES as used for radio security.
Wouldn't surprise me in the least.
It also wouldn't surprise me that DoS idiots somehow forget to switch the little switch on the radio to "encrypt" from "clear" and broadcast everything in the clear sometimes.
It says NOTHING of the strength of AES itself, which has been vetted by many independent cryptographers over the years - many of whom were the competitors to Rijndael prior to it's ascension as AES.
The commercial radios covered by that DoS document were not designed to protect classified information.
"High grade privacy" is a correct description of the DES/AES implementation in those products.
The design criteria for use of AES to protect classified information is significantly different than that of these commercial radios.