Mark Riggins apparently wrote:
>Faster hardware means:
> 1) older encrypted messages based on shorter key lengths
> are now fair game.
> 2) one can brute force messages encrytped under slightly longer keys.
> 3) one can encrease key length substantially and dramatically
> increase the effort necessary to brute force the newly
> encrypted messages.
>In other words, the gains from faster hardware outweigh the losses
>when we're talking about the future of encryption. This is not
>making everyone equally happy!
The problem that is sidestepped here (in this thread in general) is
that of improved algorithms being available with current/future hardware.
A friend of mine is getting (someday...) his PhD studying factoring
of large numbers (and lots of side work in prime numbers in general). Should
he, or anyone else, find a quick & easy factoring algorithm, then public key
systems based on RSA and similar algorithms could become immediately invalid
(poof!). The phrase "computationally infeasible" doesn't just mean brute
force on the latest supercomputers, but also "nobody figured out a great
shortcut for this yet" as well. Being able to quickly encrypt with 4096-bit
keys does little good if your public key can be factored with ease.
>One interesting implication from all of this is that when you select a
>key length for encryption, you should factor in the number of years
>that your message should remain secret. Yesterdays
>encrypted messages are easier to break with today's hardware.
Another valid point. The time value of data should surely be thought
about when determining algorithms & keys. If you're encrypting the secret
ending to next week's Simpsons, then you might not need as strong encryption
as someone encrypting their stock portfolio, or the DoD encrypting missle silo
Sean Cox, Systems Engineer FactSet Research Systems
com Greenwich, CT