I am researching if there are any real risks to having laptop hard drive encryption strength at AES 128 vs. AES 256 bit. We want our client to upgrade their laptop hard drives (physical workstations) from AES 128 (current) to AES 256. Our client's security group says there is no real risk (e.g. risk of a brute force attack). Yes, it is best practice to upgrade to AES 256 but it is not required because the risk of a brute force attack allowing a hacker to break AES 128 encrypted hard drives and get access to stored info is super low.
@Midude2000 I think you need to run a risk assessment, along the lines of: what is the value of the data stored on the laptop drives, and what would be the impact if they were stolen, and by whom?
If the laptop was stolen, and you happen to be a member of a security community or government, obviously the value of the data may be far greater, and the employee may actually be a designated target, i.e., well worth the effort to steal the laptop. Nation states do have the capabilities to attack AES-128 bit - yes, they have the resources and the need to access it. If you are a member of a security community, you won't be using AES-256! But if you are outside of this community, then you simply will not have access to these algorithms.
There is probably more likelihood that the client will have a sticky label with the password, or will have left the external dongle attached to the laptop; it is far easier to access the device that way. So good security awareness is essential.
First, understand how AES-128 and AES-256 actually work cryptographically.
There are many different modes, which are applicable to various combinations.
Out of 128-bit, 192-bit, and 256-bit AES encryption, which progressively use more rounds of encryption for improved security, 128-bit AES encryption is technically the least secure.
The standard baseline for most industrial solutions is now AES-256 by default, so encourage your users or clients to upgrade to AES-256.
Now just wait 5 years, and with quantum cryptography being readied, there is no need to break AES-128: just gather all the laptops you want to target and collect them. And when quantum cryptography is available, just crack all those laptops - no problem at all. The data may be irrelevant by then, but it's still treasure.
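As an added illustration of the brute-force argument in this thread (example code, not from any poster): a small Python script comparing the expected exhaustive-search time for each AES key size, classically and under Grover's algorithm. The round counts are from FIPS 197; the trial rates are constructed assumptions, not measurements.

```python
# Added example (not from the thread): rough work-factor comparison for
# exhaustive key search against AES-128 / AES-192 / AES-256, classical and
# under Grover's quadratic speedup. Round counts are the FIPS 197 values;
# the trial rates are constructed assumptions, not measurements.

SECONDS_PER_YEAR = 365 * 24 * 3600

# key length in bits -> number of AES rounds (FIPS 197)
AES_ROUNDS = {128: 10, 192: 12, 256: 14}


def effective_bits(key_bits: int, quantum: bool = False) -> int:
    """Security level against exhaustive search.

    Classically the attacker must search 2^n keys. Grover's algorithm
    needs only about 2^(n/2) quantum queries, which halves the effective
    key length: AES-128 -> 64 bits, AES-256 -> 128 bits.
    """
    return key_bits // 2 if quantum else key_bits


def expected_years(key_bits: int, trials_per_second: float,
                   quantum: bool = False) -> float:
    """Expected time to recover one key, assuming on average half the
    (effective) keyspace must be searched at the given trial rate."""
    work = 2 ** (effective_bits(key_bits, quantum) - 1)
    return work / trials_per_second / SECONDS_PER_YEAR


def compare(classical_rate: float = 1e18, quantum_rate: float = 1e6) -> dict:
    """Tabulate rounds and expected search time per key size.

    Defaults are constructed assumptions: 1e18 classical key trials per
    second (an optimistic, planet-scale GPU/ASIC effort) and 1e6 Grover
    iterations per second (Grover iterations are sequential, so the
    quantum rate is far below the classical one).
    """
    table = {}
    for bits, rounds in AES_ROUNDS.items():
        table[f"AES-{bits}"] = {
            "rounds": rounds,
            "classical_years": expected_years(bits, classical_rate),
            "grover_years": expected_years(bits, quantum_rate, quantum=True),
        }
    return table


if __name__ == "__main__":
    for name, row in compare().items():
        print(f"{name}: {row['rounds']} rounds, "
              f"classical {row['classical_years']:.2e} yr, "
              f"Grover {row['grover_years']:.2e} yr")
```

Changing the two rate arguments lets you plug in whatever adversary capability the risk assessment assumes and see how far each key size is from being searchable.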
Like @Caute_cautim said, the risk will increase as devices get faster. Going forward, I would suggest that any new equipment issued use 256-bit keys. It takes time to decrypt and re-encrypt a hard drive, so it's understandable that there would be some pushback. If they have a refresh cycle of 2-4 years, it won't be an issue.
I agree with the advice that you have been provided here.
What you do not say is what else has been recommended.
In working with auditors, consultants, etc., I have found that their organisations get paid to make / review / etc. recommendations. The problem is that many times the recommendations are / may not necessarily be the easiest, or the most costly, or even make the most sense to implement due to time, etc. To replace 128 with 256, the user would be without their device for a specific length of time, or without their data, and it will take a tech's time to implement the change; neither of these may be acceptable to the organisation, as both add costs.
If this is the only recommendation that your organisation has made, then as @tmekelburg1 has stated, move all new devices to 256. However, if the list of recommendations has other items, their organisation may only have time/money/resources to implement some of them and will prioritise them.
@dcontesti I agree; hence, carry out a practical risk assessment to weigh the impact, costs, and advantages of moving to AES-256 encryption and the different modes available.
There are many aspects to weigh up, reviewing corporate policies and baselines is an important step in any organisational approach.
A good source of reference is government standards such as the New Zealand Information Security Manual or the equivalent Australian Information Security Manual, both of which are available online and are great sources of baselines for various environments, as well as the usual NIST guidelines.