As you've no doubt noticed by now, the Advanced Encryption Standard (AES) has seen widespread adoption by network hardware and software vendors recently. This gives network administrators an interesting dilemma, especially those interested in VPN appliances or software. In this tip, we'll look at the aspects of AES that you should consider if you're thinking about utilizing something that relies on this standard.
The two main concerns with an encryption algorithm are security and performance. In the first case, we have the 1970s-era DES encryption. In the world of security, a protocol with a life this long is generally a good thing. In DES's case, it's not, as its flaws have been shown over and over again; its successor is long overdue. These flaws are both fundamental vulnerabilities to types of attacks, and the simple fact that its short key length means brute force attacks are quick and effective.
In many ways, the AES algorithm addresses these concerns. In fact, the algorithm itself isn't known to be vulnerable to any of the attack methods that DES suffers from. And with real 128-bit encryption (as opposed to doing 56-bit encryption three times, like 3DES) and even 256-bit encryption, it's going to be quite a while (in theory) before brute force attacks are a problem.
Though, there is a downside to AES, and that's that it is a relatively new protocol, and as such, security researchers haven't had all that much time to try to crack it. We could find out at any time that it's vulnerable to an entirely new type of attack. In theory, at least.
When you're considering the performance requirements, AES also holds a theoretical advantage as its algorithm is much more efficient, especially compared to 3DES. However, it's worth noting that at this early date in the protocol's life, support for the algorithm in hardware may not be as mature as hardware support for the older 3DES algorithm. Thus, you'll likely find some platforms where 3DES is still faster (in terms of throughput) than AES-256 and others where AES-256 is faster. As you might suspect, AES-128 is almost always as fast or faster than AES-256. After a quick survey of marketing materials from various vendors, it appears the difference in throughput is usually on the order of 10 to 30%.
So as always, the right time to adopt the new standard will vary widely between organizations. The extra security will be worth the performance cost to some, while others will need budget ready for new hardware encryption models that support AES. Keep in mind that an upgrade could result in a performance improvement. In any case, be sure to do your homework before selecting a product.
Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.