Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

No, the security of AES assumes that AES is an one-way function. Otherwise, if AES is not one-way, one could decrypt it easily reversing the function. Symmetric encryption usually assumes the existence of one-way functions, but there are indeed some rare exceptions. The one-time pad is a construction with unconditional security and is secure even if one-way functions do not exist. Of course, it requires the assumption that each person will not reuse the key more than once. And without one-way functions, you also would never be able to exchange the keys securely using any computer network.


But you can reverse AES! You obviously need the secret key, but it's trivial to reverse the steps of encryption (it's actually a bit tricky to get all the steps correctly, but you can easily google how to do it, tons of example impelentations and lecture notes online).

There are a bunch of online tools that demonstrate it such as: https://www.devglan.com/online-tools/aes-encryption-decrypti...


Aes is a one-way function if you consider the key part of the arguments to the function.


One requirement for one way functions is to not easily find a preimage. With AES output you could decrypt it with a wrong key, get wrong plaintext, but they're still a valid input combination giving this same AES output


Fair point!

I guess it's a one-way function given only the key as input with a fixed ciphertext.

Incidentally if you use AES in a AED mode (like AES gcm) then it would be a one-way function but that is more about the MAC.


Different key = different function, so you have not inverted the original function and thus have not found a preimage.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: