The myth of military grade encryption

Do you really need military grade encryption? Unless you are in the military, it is just a marketing gimmick.

There are two major classes of encryption: (1) symmetric encryption, and (2) asymmetric encryption. In simple terms, symmetric encryption means the same key is used to encrypt and to decrypt. Asymmetric encryption means the keys used to encrypt and to decrypt are different. For “military grade” encryption, let’s just focus on symmetric encryption.

The most commonly used symmetric encryption algorithm is the Advanced Encryption Standard, commonly known as AES. AES is a block cipher, which means it processes data in blocks; the most commonly used block sizes are 128-bit and 256-bit. “Military grade” encryption means AES 256-bit encryption, while most financial institutions have adopted AES 128-bit encryption.

How secure is AES 128-bit? Assume you have access to one of the fastest supercomputers in the world, which can process 33.86 petaFLOP (10¹⁵) per second. Let’s assume it takes 1000 FLOP (floating-point operations) to check whether you have cracked a key. Using the brute force method (that is, trying all combinations) to crack a 128-bit key (equivalent to 3.4 x 10³⁸ combinations) requires approximately 318 billion billion years on the fastest computer in the world. The solar system is only 4.6 billion years old. A 256-bit key has 1.1 x 10⁷⁷ combinations. You can do the math to see how many years it would take the fastest supercomputer in the world to crack that.

Based on the above, no attacker will waste time and resources trying to crack even an AES 128-bit key. Hence, insisting on “military grade” encryption is pretty pointless: AES 128-bit is more than adequate for the next 10 years, even with the performance improvement of computers and supercomputers.

Security is usually broken at the weakest link. Data encryption is pretty solid even with AES 128-bit. Hence, the weakness lies in the following:

(1) Where and how are the encryption keys stored?

(2) What encryption mode is used?

(3) How is the encryption key exchanged when data is shared?

If the encryption keys are stored centrally in one location, they are subject to a single point of failure. This is exactly what happens in many insider hacks, which constitute over 20% of hacks. Once an attacker or a malicious insider gains access to an administrator account, all secrets are lost. A better way to protect against an insider hack is to implement a fully distributed key management system in order to avoid any single point of failure.

In my opinion, AES 128-bit with a proper encryption mode (such as GCM or CBC) is better than AES 256-bit with an inferior encryption mode (such as ECB). ECB mode exposes patterns of repeated data. Even though the block size is larger, an attacker can use statistical analysis to guess the secret. The details of how each mode works are beyond the scope of this blog.
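The ECB weakness described above can be measured directly. The following is an added example, not part of the original post: it counts repeated ciphertext blocks under ECB with a 256-bit key and under CBC with a 128-bit key. As an assumption made so it runs on the Python standard library alone, a 4-round Feistel construction over HMAC-SHA256 stands in for AES; the function names and sample records are constructed for illustration.

```python
import hashlib
import hmac
import os
from collections import Counter

BLOCK = 16  # 16-byte (128-bit) blocks

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def split_blocks(data):
    if len(data) % BLOCK:
        raise ValueError("input must be a multiple of the block size")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def toy_block_encrypt(key, block):
    """4-round Feistel network over HMAC-SHA256: a stand-in for AES, not AES."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def ecb_encrypt(key, data):
    """ECB: each block is encrypted on its own, so equal plaintext blocks
    always produce equal ciphertext blocks."""
    return b"".join(toy_block_encrypt(key, b) for b in split_blocks(data))

def cbc_encrypt(key, iv, data):
    """CBC: each plaintext block is XORed with the previous ciphertext block
    (the random IV for the first one) before encryption."""
    out, prev = [], iv
    for b in split_blocks(data):
        prev = toy_block_encrypt(key, xor(b, prev))
        out.append(prev)
    return b"".join(out)

def repeated_blocks(ciphertext):
    """Number of ciphertext blocks that duplicate an earlier block."""
    counts = Counter(split_blocks(ciphertext))
    return sum(n - 1 for n in counts.values())

# Constructed sample: 64 sixteen-byte records, only two distinct values.
SAMPLE = b"BALANCE=00000000" * 60 + b"BALANCE=99999999" * 4

def demo():
    ecb = ecb_encrypt(os.urandom(32), SAMPLE)                   # 256-bit key
    cbc = cbc_encrypt(os.urandom(16), os.urandom(BLOCK), SAMPLE)  # 128-bit key
    return repeated_blocks(ecb), repeated_blocks(cbc)

if __name__ == "__main__":
    print("repeated blocks: ECB/256-bit key = %d, CBC/128-bit key = %d" % demo())
```

The same `repeated_blocks` count works as a quick audit check on stored ciphertext: a non-zero result on data of any real size is a strong sign that ECB is in use.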

Lastly, how secrets are exchanged is the most important aspect of data protection. This is the weakest link in security. Attackers often go after flaws in secret exchange to gain access to protected data. This includes weakening Transport Layer Security (TLS), which is commonly used in the HTTPS protocol. A better secret exchange protocol should have three key characteristics: (1) immunity to man-in-the-middle attacks, (2) perfect forward secrecy, and (3) zero knowledge. Doing all three is hard, very hard, but a service provider who can do all three is more secure than those who can’t.