...brute force
attacks against 256-bit keys will be infeasible until computers are
built from something other than matter and occupy something other
than space".
---Bruce Schneier in
Applied Cryptography
As we all know, it has proven to be
very foolish to make predictions about system's security (see also
my wu "Never assume your system is undefeatable"). But the fact is
that here, within his statement, Bruce Schneier is implying that
there is some kind of an inherent property of matter, something like
a law of nature that makes brute force attacks against 256-bit keys
infeasible, and not something
about the technology of the devices we use nowadays or the ones that
we will be using after 350 years.
One may find clever and sly ways to
brute-force keys. Some known ways include the Chinese Lottery which,
though never actually practiced, would perfectly work: The Chinese
government instructs all Chinese factories which produce TVs to
integrate a brute-force, million-test-per-second cracking chip in
every TV. When the Chinese government wants to break a key, they
would broadcast it through airwaves to all TV sets and the numbers say
that after about 20 hours, the key would have been recovered (with very
moderate assumptions about the percentage of people which own a TV).
But whatever one may come up with,
there are some things that seem to be very unlikely to change. Such are
the laws of thermodynamics and especially the second one. One of the
implications of the second law of thermodynamics is that information
requires energy in order to be represented. So, if we have a system (a
"computer" in our language) and we want it to record the value of a
single 'bit', we need energy at least kT, where 'k' is
the Boltzman constant (k = 1.38*10-23 Joule/oK)
and 'T' is the system temperature in Kelvin. This is calculated using
the equation which connects the energy with the temperature of a system
(E = kT). Supposing that our
ideal computer would work at the average temperature of the universe
(3.2 oK) (so that it does not require cooling), the required
energy to record a bit would be around 4.416*10-23 Joule.
Now, to make things clear, let's play a
bit (pun intended ;-) with numbers. The annual amount of energy
that our sun radiates is about 1.21*1034 Joule. Dividing
with the per bit-change energy, we calculate that using the whole
energy of our sun for a year, we could provide power for our ideal
computer to perform 2.74*1056 bit changes. This is enough to
have a 187-bit counter go through all its states. Just think... having
an ideal computer, working at the freezing temperature of 3.2
Kelvin, using all the energy of our sun for a year... and all that
for just having a 187-bit counter go through its states, let alone for
making the intense computations that each of these states requires to
test the key...
Even sucking all the energy from a
supernova would be just enough to pass through all states of a
219-bit counter... So, it is clear that a 256-bit key (which, just to
be represented while we brute-force it on our ideal computer, would
require the energy that 400.000.000.000.000.000.000 suns like our sun
radiate in a year...) seems errrr... kinda difficult to
brute-force...
And the amazing thing that we must keep
in mind, is that all of the above calculations are completely
independent with contemporary and future technology
advances... As long as computers are made of matter, 256-bit keys will
be secure against brute-force. Except of course... if we break the
second law of thermodynamics :-). But even then, who would give a damn
if 256-bit keys were rendered insecure, when we would have defeated the
most persistent law of nature?
Clues taken from:
Applied Cryptography 2nd edition, Bruce Schneier
The Universal Constants, Gilles Cohen-Tannoudji