18 Sep 2002, James Middleton, V3
Two of the most widely used encryption standards - Advanced Encryption Standard (AES) and Serpent - may have been broken, but the theoretical attacks will not be a reality for at least 10 years.
It is also unclear whether the attacks actually work. Bruce Schneier, chief technology officer at Counterpane and renowned crypto expert, said: "In either case, there's no need to panic. Yet. But there might be soon. Maybe."
A recently presented paper by cryptographers Nicolas Courtois and Josef Pieprzyk outlined attacks against AES and Serpent carried out by "expressing the entire algorithm as multivariate quadratic polynomials, and then using an innovative technique to treat the terms of those polynomials as individual variables".
In layman's terms, they claimed to break the algorithms.
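The idea of treating polynomial terms as individual variables is easiest to see in plain linearization, a much simpler relative of the XSL technique and not the attack from the paper. The Python below is an added example, not code from the article or the paper; the 4-bit secret, the random equations and all function names are constructed for illustration.

```python
import itertools
import random

def monomials(n):
    """Linear and quadratic monomials over GF(2); x*x == x, so no squares."""
    return [(i,) for i in range(n)] + list(itertools.combinations(range(n), 2))

def evaluate(mono, bits):
    """Value (0 or 1) of one monomial at the given bit vector."""
    return int(all(bits[i] for i in mono))

def make_system(secret, count, rng):
    """Constructed input: `count` random quadratic equations the secret satisfies.
    Each row is (one coefficient bit per monomial, right-hand-side bit)."""
    monos = monomials(len(secret))
    rows = []
    for _ in range(count):
        coeffs = [rng.randrange(2) for _ in monos]
        rhs = sum(c & evaluate(m, secret) for c, m in zip(coeffs, monos)) % 2
        rows.append((coeffs, rhs))
    return rows

def linearize_and_solve(rows, n):
    """Treat every monomial as an independent unknown and run Gaussian
    elimination over GF(2). Returns the n original bits, or None when the
    linearized system is rank deficient (too few independent equations)."""
    width = len(monomials(n))
    mat = [coeffs + [rhs] for coeffs, rhs in rows]
    for col in range(width):
        pivot = next((r for r in range(col, len(mat)) if mat[r][col]), None)
        if pivot is None:
            return None
        mat[col], mat[pivot] = mat[pivot], mat[col]
        for r in range(len(mat)):
            if r != col and mat[r][col]:
                mat[r] = [a ^ b for a, b in zip(mat[r], mat[col])]
    return [mat[i][width] for i in range(n)]  # first n monomials are x0..x(n-1)

SECRET = [1, 0, 1, 1]  # constructed 4-bit "key", illustration only

def demo(count, seed=2002):
    rows = make_system(SECRET, count, random.Random(seed))
    return linearize_and_solve(rows, len(SECRET))

if __name__ == "__main__":
    print("5 equations :", demo(5))    # fewer equations than monomials
    print("40 equations:", demo(40))
```

Four unknown bits become ten linear unknowns once every product is renamed, so the method only works when enough independent equations are available; the number of monomials grows quadratically with the number of bits.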
But the paper outlining the XSL attack was itself so hard to understand that interest waned quickly. The problem is that cipher key lengths have become so long that attacks simply cannot be implemented because their complexity is too great.
"There's no cause for alarm yet. These attacks can be no more implemented in the field than they can be tested in a lab," said Schneier, explaining that no communications are yet at risk and no products need to be recalled.
"But there is call for worry," he added. "If the attack really works, it can only get better."
Schneier said that optimisations of the XSL attack could break AES at a lesser complexity, "in which case things start to get dicey about 10 years from now. That's the problem with theoretical cryptanalysis: we learn whether or not an attack works at the same time we learn whether or not we're at risk."