[liberationtech] What would you reply to this?

Seth David Schoen schoen at eff.org
Sun Jun 14 21:28:25 CEST 2020 

Richard Brooks writes:

> On 6/14/20 2:48 PM, David Stodolsky wrote:
> > 
> > Not true. Strong crypto can’t be cracked.
> 
> Depends on the computational bandwidth. You do not know
> how many CPUs/GPUs they have.

That's probably not ultimately the most important question.  For example,
with AES-256 there is a thermodynamic argument that you can't get the
energy you would need to complete a brute-force attack.  Schneier
famously said about this

  These numbers have nothing to do with the technology of the devices;
  they are the maximums that thermodynamics will allow. And they
  strongly imply that brute-force attacks against 256-bit keys will be
  infeasible until computers are built from something other than matter
  and occupy something other than space.

This doesn't mean that nobody could ever crack AES-256, but it means
that a mathematical insight would be necessary to get a dramatic speedup
relative to brute force.  The value of that insight would significantly
dominate the computational resources in determining the feasibility of
the attack.

(People have done lots of these calculations with different assumptions.
For example, you could use Landauer's principle
https://en.wikipedia.org/wiki/Landauer%27s_principle for the pure ideal
thermodynamic calculation, or look at current Bitcoin mining hardware --
which represents a huge multi-year, multi-million dollar international
commercial effort to optimize the efficiency of brute-force
cryptographic search hardware -- and assume that a government can build
hardware that is 1,000,000 times more energy-efficient, or something.
The fun thing then is that the costs for either hardware or electricity
for pure brute-force attacks even on a 128-bit key space will still be
comparable to all the resources available in the world.  Scalable quantum
computers do change these calculations, but as Scott Aaronson tires
himself out pointing out, they let you take the square root of the key
space, not reduce it to zero.)

-- 
Seth Schoen  <schoen at eff.org>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107

More information about the LT mailing list