> Modern cryptography is not breakable via brute force any more

Specifically, modern symmetric crypto (and hashing, which is a related but different thing) is fine. It's public-key crypto that has always been the worry thanks to Shor's Algorithm, and all modern widely used crypto there is indeed vulnerable if an actual scalable general quantum computer could be constructed. There are a variety of post-quantum cryptographic algorithms under development, including some that would be ugly slow but likely effective bandaids if required, but that's still a not totally unreasonable concern for certain threat profiles. But yes, GP was totally wrong about "all methods are broken when compute becomes faster".

> I'm not sure if anyone has run the math

"The math" here is just Grover's Algorithm, which lowers the cost of generic brute forcing to O(sqrt(n)). So a 128-bit symmetric key could be cracked on average in like 2^64 or a 256-bit key in like 2^128. Obviously this is utterly trivially countered by doubling the exponent. Even 2^128 is still ridiculous, and going to a 512-bit key brings us right back to 2^256, which is impossible. 128-bit keys should indeed be phased out entirely (and that seems to be well on the way anyway), and perhaps 256-bit too at some point (even if it's only the very paranoid or very long termers, it's also not a big stretch on modern hardware at all, so eh), but fundamentally yes, symmetric crypto is fine.
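The Grover cost the comment refers to, made concrete as an added example (this is not the commenter's code and not taken from any project): a plain-Python state-vector simulation of Grover's search over a constructed 8-bit toy "key" space. The 8-bit size and the target value 0xA5 are assumptions chosen only to keep the simulation small; the arithmetic that puts a 128-bit key at roughly 2^64 quantum work and a 256-bit key at roughly 2^128 is the same, and the helper at the end applies that generic bound to the key lengths the comment discusses.

```python
import math
from typing import Dict


def grover_iterations(n_bits: int) -> int:
    """Optimal iteration count, about (pi/4) * sqrt(N), for a search space of N = 2**n_bits."""
    return math.floor(math.pi / 4 * math.sqrt(2 ** n_bits))


def grover_search(n_bits: int, target: int) -> float:
    """Classically simulate Grover's algorithm on a 2**n_bits-entry state vector.

    The 'oracle' marks the single index equal to `target` (a stand-in for a
    key check that answers yes/no); the diffusion step reflects every
    amplitude about the mean.  Returns the probability of measuring `target`
    after the optimal number of iterations.  Memory and time are exponential
    in n_bits, so keep n_bits small (this is a demonstration, not a tool).
    """
    n = 2 ** n_bits
    amp = [1.0 / math.sqrt(n)] * n           # uniform superposition
    for _ in range(grover_iterations(n_bits)):
        amp[target] = -amp[target]           # oracle: phase-flip the marked entry
        mean = sum(amp) / n
        amp = [2.0 * mean - a for a in amp]  # diffusion: inversion about the mean
    return amp[target] ** 2


def brute_force_comparison(n_bits: int, target: int) -> Dict[str, float]:
    """Compare expected classical guesses with Grover iterations for an n_bits key."""
    n = 2 ** n_bits
    return {
        "classical_avg_guesses": n / 2,                   # half the space on average
        "grover_iterations": grover_iterations(n_bits),   # about sqrt(N)
        "grover_success_probability": grover_search(n_bits, target),
    }


def post_quantum_security_bits(key_bits: int) -> int:
    """Generic Grover bound: effective security is roughly half the key length in bits."""
    return key_bits // 2


if __name__ == "__main__":
    # Constructed toy input: an 8-bit 'key' whose value is 0xA5 (assumption, not real data).
    print(brute_force_comparison(8, 0xA5))
    for k in (128, 256, 512):
        print(f"{k}-bit key -> about 2^{post_quantum_security_bits(k)} quantum work")
```

For the 8-bit toy the classical attacker expects 128 guesses while Grover needs 12 iterations and then measures the right value with probability above 0.999; each iteration is one full evaluation of the key check, which is why the comment's "doubling the exponent" (moving from 128-bit to 256-bit keys) is the defender's answer: it puts the quantum work back at 2^128.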