有很多公司喜欢声称您的数据受到军用级加密的保护。对于任何不熟悉技术术语的人来说,这听起来像是一个坚不可摧的保险库,您的数据永远不会担心受到损害。毕竟,如果它对军队来说足够好,那么它一定是惊人的。
我想对房间里的大象讲话,“军事级”实际上并不存在。好吧,至少不是你想的那样。当公司使用军用级这个词时,它主要是为了营销,很少有其他的。他们真正的意思是他们的公司提供高级(A)加密标准(S)( AES ) 256(E)加密。
尽管军方可能会使用AES加密算法,但它实际上是(AES)美国国家安全局(National Security Agency)( NSA )批准的第一个可公开访问的开放密码,用于保护“绝密”级别的信息。给它贴上军用级别的标签只会推动销售。所以,有了这个,我们就可以开始讨论重要的问题了。
HDG 解释:军用级 AES 加密算法有多安全?(HDG Explains: How Secure Is The Military-Grade AES Encryption Algorithm?)
我们认为,在深入研究AES-256加密算法之前,最好先了解加密的确切含义。
加密基本上是将信息分割成不连贯的东西。解密加密信息需要一个“密钥”来完成密码。密码是处理加密或解密时从开始到结束的整个过程。
这方面的一个例子是在处理使用 HTTPS 加密的网站时。当您尝试使用密码登录或提供信用卡号时,该私人数据在发送之前首先被加密。这意味着只有您的计算机和网站才能理解这些信息。将您对 HTTPS 站点的访问视为(Think)开始(to the HTTPS site)私人对话(加密)之前的握手。
其他级别的加密(Other Levels Of Encryption)
军用级加密是AES-256,它与AES-128和AES-192的不同之处在于(AES-192)AES加密算法中的密钥大小更大。从本质上讲,AES-256使用更多的处理能力来加密和解密信息,从而使入侵者更难破解。
当您听到银行级加密一词时,它几乎是一回事。唯一的区别是银行倾向于使用AES-128和AES-256之间的一系列(AES-256)AES加密。
AES-256显然更好,但是,AES-128仍然没有什么可嘲笑的。两者都是用于保护重要和私人数据的非常好的加密协议。您可能经常在不知情的情况下使用其中一个或两个。原因是AES-256已被许多不将其称为军用级加密的不同服务和软件采用。
美国军方在两个方面使用军用级AES加密算法。第一个是秘密(未分类)信息特定于AES-128。第二个是绝密(机密)信息,它使用AES-256。每当(Whenever)通过单个实体在两个级别上处理信息时,都采用AES-256作为标准AES加密算法。
AES加密算法是不可破解的吗?(Is the AES Encryption Algorithm Uncrackable?)
目前还没有一个AES-256实例被黑客入侵,但这并不是因为缺乏尝试。AES的第一次破解尝试是在 2011 年,针对使用 biclique 攻击的AES-128加密。(AES-128)Biclique攻击加密的速度比最常见的标准暴力攻击快四倍左右。它失败了。
攻击通过 126 位密钥强行入侵需要超过 10 亿年的时间,更不用说AES-128 了(AES-128)。只要正确实施了数据加密,就没有已知的攻击会损害AES提供的保护。
256 位加密等同于 2256 密钥可能性。为了说明这一点,我们将提供一个示例。假设来自世界各地的 10 亿台超级计算机决定联手取消AES加密算法。我们还将假设他们每秒可以查看 250 个键,这是慷慨的,因为这将使它们能够每秒处理大约 1 万亿个键。一年的秒数约为 31,557,600。
因此,这意味着有 10 亿台超级计算机一年不间断地计算,它们只能检查大约 275 个密钥。您将以 234 年的速度查看不到 0.01% 的全部可用关键可能性。您可以放心,在受到AES-256或“军用级加密”保护的情况下,没有人会在短期内窃取您的数据。
这种保护能持续多久还不得而知。几乎不可能确定AES加密是否以及何时会过时。美国国家(National Institute)标准(Standards)与技术研究院(Technology)创建了数据加密标准(Data Encryption Standard)( DES ),该标准持续了大约 20 年,之后才被认为是可破解的。
AES支持的密钥大小比DES支持的要大得多,这意味着AES有可能超过 20 年大关。
是否需要军用级加密?(Is Military-Grade Encryption Necessary?)
还有其他加密算法可以很好地保护您的个人数据。只要(Just)知道有零个行业或服务可以百分百免受攻击。鉴于大多数人不习惯提供他们的个人信息,除非它保持安全,因此服务不应该应用低于推荐标准的任何内容。那是AES-256或其他。
How Secure Is the Military-Grade AES Encryption Algorithm?
Thеre are plenty of comрanies thаt love to claim your data is proteсted by military-grade encryption. To anyonе who is not familiar with tech-savvy jargon, this would sound like an impenetrable vault where your data is never in fear of compromise. After all, if it’s good enough for the military then it must be amazing.
I want to address the elephant in the room, which is ‘military-grade’ doesn’t actually exist. Well, at least not in the way you’d think. When companies use the term military-grade, it’s primarily for marketing and little else. What they really mean is that their company provides Advanced Encryption Standard (AES) 256 encryption.
Even though the military may use the AES encryption algorithm, it was actually the first publicly accessible and open cipher approved by the National Security Agency (NSA) to protect information at a “Top Secret” level. Slapping military-grade onto it only serves to push a sale. So, with that out of the way, we can get on to the important question.
HDG Explains: How Secure Is The Military-Grade AES Encryption Algorithm?
We suppose that before we can dive into the AES-256 encryption algorithm, it might be better to start with what exactly encryption is.
Encryption is basically chopping up information into something incoherent. To unscramble encrypted information would then require a “key” in order to complete the cipher. A cipher is an entire process from start to finish when dealing with either encryption or decryption.
An example of this would be when dealing with websites encrypted with HTTPS. When you attempt to sign in with a password or provide a credit card number, that private data is first encrypted prior to being sent out. This means that only your computer and the website can understand the information. Think of your visit to the HTTPS site as a handshake prior to beginning a private conversation (encryption).
Other Levels Of Encryption
Military-grade encryption is AES-256, which differs from AES-128 and AES-192 by having a larger key size in the AES encryption algorithm. Essentially, AES-256 uses more processing power to encrypt and decrypt information making it more difficult for intruders to crack.
When you hear the term bank-level encryption, it’s pretty much the same thing. The only difference really is that banks tend to use a range of AES encryptions between AES-128 and AES-256.
AES-256 is obviously better, however, AES-128 is still nothing to scoff at. Both are incredibly good encryption protocols for protecting important and private data. You’ve likely been using either or both quite often without even knowing it. The reason being is that AES-256 has been adopted by many different services and software that don’t refer to it as military-grade encryption.
The US military uses the military-grade AES encryption algorithm on two fronts. The first being secret (unclassified) information is specific to AES-128. The second is for top-secret (classified) information, which uses AES-256. Whenever information is handled on both levels through a single entity, AES-256 is adopted as the standard AES encryption algorithm.
Is the AES Encryption Algorithm Uncrackable?
There has yet to be a single instance of AES-256 ever being hacked into, but that hasn’t been for a lack of trying. The first crack attempt at AES was in 2011, against AES-128 encryption where a biclique attack was used. Biclique is around four times faster at attacking encryption than the standard brute force attack seen most often. It failed.
It would take upwards of a billion years for an attack to force its way through a 126-bit key, let alone AES-128. So long as the data encryption has been implemented properly, there is no known attack that would compromise the protection afforded by AES.
256-bit encryption is equivalent to that of 2256 key possibilities. To put this into perspective, we’ll provide an example. Let’s say that one billion supercomputers from all around the world have decided to team up to take down the AES encryption algorithm. We’ll also assume that they can look at 250 keys per second, which is generous seeing as that’d make them capable of approximately one quadrillion keys per second. A year in seconds is around 31,557,600.
So, this means that with a billion supercomputers calculating non-stop for a year, they would only ever be able to check around 275 keys. You’d be looking at a rate of 234 years to look at less than .01% of the entire key possibilities available. You can rest assured, no one is stealing your data anytime soon while protected by AES-256 or, “military-grade encryption”.
How long this protection will last is unknown. It’s almost impossible to determine if and when AES encryption will become obsolete. The National Institute of Standards and Technology created the Data Encryption Standard (DES) which lasted approximately twenty years before it was deemed hackable.
The AES supports significantly larger key sizes than what DES supports meaning that AES has the potential to surpass the twenty-year mark.
Is Military-Grade Encryption Necessary?
There are other encryption algorithms that can do a fine job of securing your personal data. Just know that there are zero industries or services that are one hundred percent immune to an attack. Seeing as most people are not accustomed to giving out their personal information unless it remains secure, services should never apply anything less than the recommended standard. That being AES-256 or otherwise.