IBM Security Gaffes

May 14th, 2012

Part of my job involves reading through a lot of documentation, especially if it is security related. I don’t usually come across many mistakes or gaffes, but when I do, 99% of the time they were written by someone at IBM. The following quotes are all taken from IBM’s AIX V6 Advanced Security Features [PDF] redbook.

AES, as standardized by NIST, is not exactly in the form the Rijndael was originally submitted. It has a fixed block size of 128 bits, and has key sizes of 128, 192, and 512 bits.

Whilst a 512-bit key might sound more secure, the standard doesn't support it. AES key sizes are 128, 192 and 256 bits, and the block size is fixed at 128 bits. The original Rijndael submission allowed both block and key sizes anywhere from 128 to 256 bits in 32-bit steps, which may be where the confusion crept in. Still, this is a simple mistake to make, so it is more forgivable than the others.
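As an added illustration (not code from the redbook or from the original post), the following Go program feeds all-zero keys of various lengths to the standard library's AES implementation. Only 128, 192 and 256 bits are accepted, the Rijndael-only sizes 160 and 224 are rejected along with 512, and every accepted key yields the same fixed 128-bit block. The zero keys are placeholders for the size check and nothing else.

```go
package main

import (
	"crypto/aes"
	"fmt"
)

// aesBlockBitsForKey tries to build an AES cipher from an all-zero key of the
// given bit length and reports the resulting block size in bits. The key
// content is irrelevant here; only the length check and the fixed block size
// are being demonstrated. Anything other than 128, 192 or 256 bits fails with
// aes.KeySizeError.
func aesBlockBitsForKey(keyBits int) (int, error) {
	key := make([]byte, keyBits/8) // zero key: a placeholder for the size check only
	block, err := aes.NewCipher(key)
	if err != nil {
		return 0, err
	}
	return block.BlockSize() * 8, nil
}

// aesAcceptsKeyBits collapses the above into an accepted/rejected decision.
func aesAcceptsKeyBits(keyBits int) bool {
	_, err := aesBlockBitsForKey(keyBits)
	return err == nil
}

func main() {
	// 160 and 224 are legal Rijndael sizes but not AES sizes; 512 is neither.
	for _, bits := range []int{128, 160, 192, 224, 256, 512} {
		blockBits, err := aesBlockBitsForKey(bits)
		if err != nil {
			fmt.Printf("%3d-bit key: rejected (%v)\n", bits, err)
			continue
		}
		fmt.Printf("%3d-bit key: accepted, block size %d bits\n", bits, blockBits)
	}
}
```

If you genuinely hold a 512-bit secret and want to use it with AES, the right move is to derive a 256-bit key from it with a KDF, not to look for a 512-bit mode that does not exist.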

SHA256 is the Secured Hash Algorithm with a 256-bit key.

I’m not sure what the author of this statement was thinking of when writing it. The ‘256’ in SHA256 is the length of the digest the hash produces (256 bits, or 32 bytes); the function takes no key at all. It is possible that the author was confusing a cryptographic hash function like SHA256 with an HMAC, which does involve a key. However, even then the key size is not dictated by the hash function used in the HMAC: HMAC accepts a key of any length. Longer is not automatically better, though. A key longer than the hash’s block size (64 bytes for SHA256) is hashed down to 32 bytes before use, so nothing is gained beyond that point; RFC 2104 recommends a key at least as long as the digest. Additionally, the ‘S’ in SHA stands for “Secure”, not “Secured”, but that is just a small nitpick.
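The following Go program is an added example, not part of the original post, that makes both points concrete: the SHA256 digest is 256 bits no matter how large the input is, and HMAC-SHA256 takes keys of any length, but a key longer than the 64-byte block size is replaced by its own SHA256 digest before use (the RFC 2104 rule, which Go's crypto/hmac implements). The message and keys are constructed for the demo.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

// sha256DigestBits hashes an arbitrary input and returns the digest length in
// bits. It is always 256 whatever the input size: the "256" names the output
// length, and no key is involved anywhere.
func sha256DigestBits(input []byte) int {
	sum := sha256.Sum256(input)
	return len(sum) * 8
}

// hmacSHA256 computes HMAC-SHA256 over msg. The key may be any length.
func hmacSHA256(key, msg []byte) []byte {
	mac := hmac.New(sha256.New, key)
	mac.Write(msg)
	return mac.Sum(nil)
}

// longKeyCollapses reports whether HMAC-SHA256 under key produces the same tag
// as HMAC-SHA256 under SHA256(key). Per RFC 2104, a key longer than the hash
// block size (sha256.BlockSize, 64 bytes) is replaced by its digest before use,
// so this is true for every key over 64 bytes and false (barring a collision)
// for shorter ones. It is why "the longer the better" stops past the block size.
func longKeyCollapses(key, msg []byte) bool {
	hashed := sha256.Sum256(key)
	return hmac.Equal(hmacSHA256(key, msg), hmacSHA256(hashed[:], msg))
}

func main() {
	msg := []byte("constructed sample message") // constructed input for the demo
	for _, n := range []int{0, 13, 1000} {
		fmt.Printf("SHA256 of %4d-byte input -> %d-bit digest\n", n, sha256DigestBits(make([]byte, n)))
	}
	for _, n := range []int{16, 32, 64, 65, 100} {
		key := make([]byte, n)
		for i := range key {
			key[i] = byte(i) // constructed, non-secret demo key
		}
		fmt.Printf("%3d-byte key: tag %x... equals tag under SHA256(key)? %v\n",
			n, hmacSHA256(key, msg)[:4], longKeyCollapses(key, msg))
	}
}
```

The practical takeaway is that a 32-byte random key is the sensible default for HMAC-SHA256; a 100-byte key buys no more than the 32-byte digest it is reduced to.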

Typically the owner of the private key encrypts data with their private key, and the receiver or reader of the data decrypts with the public key.

This explanation of how public key cryptography works is backwards. The public key can safely be known by anyone (hence the name), so decrypting with it cannot protect anything. The proper way to use public key cryptography for confidentiality is to encrypt using the public key and decrypt using the private key: anyone can send encrypted data, but only the private key owner can read it. The direction the redbook describes, private key in and public key out, is how a textbook RSA signature is produced, and what it buys you is authenticity (anyone with the public key can check that the private key owner produced the data), not secrecy. Read as a confidentiality mechanism, which is how the quote presents it, you are no better off than sending the data in plaintext, since everyone holding the public key can recover it.
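To show the difference in running code, here is an added Go example (mine, not the redbook's or the post author's). It does the correct thing with RSA-OAEP (encrypt with the public key, decrypt with the private key), then applies the redbook's direction as raw textbook RSA, m^d mod n, and shows that the public key alone undoes it, and finally does what that direction is really for: an RSA-PSS signature that anyone can verify while the message itself stays readable. The textbook operation is deliberately unpadded purely to illustrate the point and must never be used for real data; the message is a constructed sample.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// demoResult records what each direction of RSA actually gives you.
type demoResult struct {
	OAEPRoundTrip     bool // public-key encrypt, private-key decrypt: confidentiality
	PrivateDirLeaks   bool // "encrypt with the private key": anyone with the public key reads it
	SignatureVerifies bool // the legitimate use of that direction: a signature
}

// encryptWithPrivateKeyTextbook applies the raw RSA private operation m^d mod n.
// Deliberately unpadded textbook RSA, only to illustrate the redbook's sentence.
func encryptWithPrivateKeyTextbook(priv *rsa.PrivateKey, msg []byte) *big.Int {
	m := new(big.Int).SetBytes(msg)
	return new(big.Int).Exp(m, priv.D, priv.N)
}

// recoverWithPublicKeyTextbook undoes the above using only the public key:
// (m^d)^e mod n = m, which is exactly why that direction gives no secrecy.
func recoverWithPublicKeyTextbook(pub *rsa.PublicKey, c *big.Int) []byte {
	return new(big.Int).Exp(c, big.NewInt(int64(pub.E)), pub.N).Bytes()
}

// runDemo exercises all three directions with one key pair and one message.
func runDemo(priv *rsa.PrivateKey, msg []byte) (demoResult, error) {
	var res demoResult
	pub := &priv.PublicKey

	// Correct direction for confidentiality: the sender uses the public key and
	// only the private key holder can decrypt. RSA-OAEP with SHA-256.
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
	if err != nil {
		return res, err
	}
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
	if err != nil {
		return res, err
	}
	res.OAEPRoundTrip = string(pt) == string(msg)

	// The redbook's direction: "encrypt" with the private key. The public key is
	// public, so everyone can reverse it.
	c := encryptWithPrivateKeyTextbook(priv, msg)
	res.PrivateDirLeaks = string(recoverWithPublicKeyTextbook(pub, c)) == string(msg)

	// What that direction is really for: a signature. RSA-PSS over SHA-256; the
	// message itself still travels in the clear alongside the signature.
	digest := sha256.Sum256(msg)
	sig, err := rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return res, err
	}
	res.SignatureVerifies = rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, nil) == nil
	return res, nil
}

func main() {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	res, err := runDemo(priv, []byte("constructed sample message")) // constructed input
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", res)
}
```

All three flags come out true, which is the whole point: the private-key direction "works" in the sense that the public key reverses it, and that is exactly why it provides no confidentiality.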

The resulting ciphertext was, and still is, impossible to crack with a brute force attack.

This was found in a section discussing Triple DES, which, whilst far stronger than regular DES, is not “impossible” to crack with a brute-force attack. In fact, nothing is impossible to crack with a brute-force attack (apart from a properly implemented one-time pad), since a brute-force attack simply generates and tests every possible key; the only question is how long that takes. Single DES, with its 56-bit key, was publicly brute-forced in 1998, which is why Triple DES exists at all. Three-key Triple DES has a nominal 168-bit key, but a meet-in-the-middle attack cuts the effective work to about 2^112 operations, and two-key Triple DES is weaker still. That is still far beyond any hardware that exists today, so such an attack is infeasible rather than impossible, and the document should say so.
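To make “infeasible, not impossible” tangible, here is an added Go example (not from the redbook or the original post) that runs an actual brute-force attack against single DES, shrunk to a size that finishes in well under a second: the attacker is assumed to know one plaintext/ciphertext block and the first six bytes of the key, and searches the 14 effective bits of the remaining two bytes (DES ignores the low bit of every key byte as parity, which is how 8 bytes carry only 56 bits). The program then extrapolates its own measured rate to the full 2^56 single-DES space and to the 2^112 effective space of Triple DES. The plaintext and key are constructed for the demo.

```go
package main

import (
	"bytes"
	"crypto/des"
	"fmt"
	"math"
	"time"
)

// Constructed demo material: one 8-byte plaintext block and a DES key whose
// first six bytes the attacker is assumed to already know. The last two bytes
// have their parity bits (bit 0) clear so the recovered key matches exactly.
var (
	knownPlaintext = []byte("8 bytes!") // exactly one DES block
	secretKey      = []byte{0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xA4, 0x3E}
	knownPrefix    = secretKey[:6]
)

// encryptBlock performs a single-block DES encryption (raw block, no mode, no IV).
func encryptBlock(key, pt []byte) ([]byte, error) {
	c, err := des.NewCipher(key)
	if err != nil {
		return nil, err
	}
	ct := make([]byte, des.BlockSize)
	c.Encrypt(ct, pt)
	return ct, nil
}

// bruteForceLast14Bits recovers the unknown tail of the key from one known
// plaintext/ciphertext pair by trying every one of the 2^14 effective values.
// It returns the recovered key and how many keys were tried, or nil and 1<<14
// if nothing matched.
func bruteForceLast14Bits(prefix, pt, ct []byte) ([]byte, int) {
	key := make([]byte, 8)
	copy(key, prefix)
	trial := make([]byte, des.BlockSize)
	for k := 0; k < 1<<14; k++ {
		// Spread the 14 candidate bits over two bytes, leaving parity bits zero.
		key[6] = byte(k>>7) << 1
		key[7] = byte(k&0x7F) << 1
		c, err := des.NewCipher(key)
		if err != nil {
			return nil, k
		}
		c.Encrypt(trial, pt)
		if bytes.Equal(trial, ct) {
			return append([]byte(nil), key...), k + 1
		}
	}
	return nil, 1 << 14
}

// yearsToExhaust extrapolates a measured rate to a full key space. 56 bits is
// single DES; 112 bits is the effective strength of three-key Triple DES once
// the meet-in-the-middle attack is taken into account.
func yearsToExhaust(keyBits int, keysPerSecond float64) float64 {
	return math.Pow(2, float64(keyBits)) / keysPerSecond / (365.25 * 24 * 3600)
}

func main() {
	ct, err := encryptBlock(secretKey, knownPlaintext)
	if err != nil {
		panic(err)
	}
	start := time.Now()
	found, tried := bruteForceLast14Bits(knownPrefix, knownPlaintext, ct)
	elapsed := time.Since(start)
	fmt.Printf("recovered key %x after %d trials in %v\n", found, tried, elapsed)
	rate := float64(tried) / elapsed.Seconds()
	fmt.Printf("~%.0f keys/s on this machine: 2^56 takes %.1e years, 2^112 takes %.1e years\n",
		rate, yearsToExhaust(56, rate), yearsToExhaust(112, rate))
}
```

The extrapolation is the honest version of the redbook's claim: on a single core the 2^56 space is already thousands of years, and 2^112 is astronomically larger, yet every step of the attack is the same loop that just ran. Dedicated hardware closes the gap for 56 bits, as 1998 showed; nothing on the horizon closes it for 112.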