Technology

Contrary to popular superstition, AES 128 is just fine in a post-quantum world

Source

Ars Technica

Published

Apr 21, 2026

TL;DR

AI Generated

AES 128 encryption is deemed secure in a post-quantum world, despite concerns raised by some about its vulnerability to quantum computing. The widely used AES 128 variant of the Advanced Encryption Standard has stood the test of time with no known vulnerabilities in its 30-year history. While amateur cryptographers have theorized about potential weaknesses using Grover's algorithm, the reality is that breaking AES 128 would still require an unfeasible amount of time and resources, making it a reliable choice for encryption. The key lies in the complexity of brute-force attacks and the inability of quantum computers to parallelize the workload effectively.

Read Full Article

Linux exploit instantly grants administrator access on most distributions since 2017 — cryptography optimization snafu grants root privileges to local users

A recent Linux exploit, CVE-2026-31431, allows local unprivileged users to gain root access instantly on most Linux distributions since 2017. The exploit affects popular distros like Ubuntu, RHEL, Suse, and Amazon Linux, as well as Windows' WSL2. The vulnerability, discovered by Xint Code researchers, involves a cryptography optimization flaw that grants administrator privileges through a devious attack on the AF_ALG socket. While a patch has been released, some distributions may still be vulnerable, requiring mitigation methods like disabling AF_ALG sockets. The exploit occurs in memory without leaving detectable traces on disk, making it challenging to detect with security software.

Tom's Hardware•

8 hours ago

In a first, a ransomware family is confirmed to be quantum-safe

A new ransomware family named Kyber claims to be quantum-safe by using ML-KEM encryption, a post-quantum cryptography standard. This encryption method is designed to be resistant to attacks by quantum computers, unlike traditional methods like Elliptic Curve and RSA. Security firm Rapid7 confirmed that Kyber uses the highest strength version of ML-KEM to encrypt victims' data with AES-256, making it the first known case of ransomware utilizing post-quantum cryptography. This development highlights the evolving tactics of cybercriminals to enhance the security of their malicious activities.

Ars Technica•

1 week ago

SNK revives the mighty Neo Geo in modern form — new AES+ system plays classic games without emulation

SNK and Plaion are releasing the Neo Geo AES+, a modern recreation of the classic Neo Geo system without emulation, using custom-fabricated ASICs to replicate the original 16-bit chips. The new system features an overclocking function to address game slowdowns, a low-latency HDMI out, and supports original AES cartridges. The launch lineup includes 10 games, with the option to pre-order different bundles ranging from $249.99 to $999 for the Ultimate Edition. The absence of some classic titles hints at potential future releases, and the AES+ may pave the way for new indie games on the platform.

Tom's Hardware•

1 week ago

Recent advances push Big Tech closer to the Q-Day danger zone

Sophisticated malware known as Flame exploited a vulnerability in Microsoft's update distribution system back in 2010, highlighting the dangers of cryptographic weaknesses like MD5. The attack, which involved forging digital certificates, serves as a cautionary tale for the tech industry. As cryptography engineers work to replace vulnerable algorithms like MD5, organizations are implementing new solutions to mitigate the risks posed by quantum computing advancements.