Quoting Greg Freemyer
There is a program that runs on a 100 machine cluster that will break a 40-bit key in a few days.
Rivest-Shamir-Adleman/Diffie-Hellman based algorithms (Although actually GCHQ James Ellis made the same discovery a few years before) are based on the harshness of factoeizing a product of two primes. It took me only a few seconds on a 486 DX4-133 Linux box to factorize some 40-bit products. All that matters is choosing the right factorizing algorithm.
Using the same program / computers to break a 128-bit key, it will take longer than the Sun's lifetime to break it.
When Simon Singh's book (The Code Book, 4th Estate, UK) was released in 1997, there was a contest with a £ 1,000 reward for anyone that would break the key.in the next coming years.It actually was broken by Autumn 2000 by a Scandinavian team using a 4-CPU Alpha based system with the Lenztra's Elliptical Curve Method. It was a 128-bit long key though.
Speed increases of 10^9, 10^12, or even 10^15 are needed and those are not close.
Maybe something like the Seti program that can steal cycles from millions of computers could conceivably help.
Indeed, but with an algorithm that is suitable for distributed computing.
So if machines get 1000 times faster in the next x years, and a seti like background program allows billions of computers to work in parallel, then 128-bit keys may be breakable, but then the bad-guys just move to more bits.
Brute-force decrypting is definitely a losing battle.
Quite correct: there are only two ways : - Use a better algorithm - Change of technology (Quantum mechanics based computers - a bit sci-fi if you expect them on your desktop, but certainly not in some places in MD, Cheltenham, or other places, but they will not let you know what they are at ;) ) Enjoy available stuff at : http://www.upl.cs.wisc.edu/~hamblin/files http://wonka.hampshire.edu/~jason/math/smithnum/ http://mathworld.wolfram.com/topics/Factoring.html