Boiling Every Ocean on the Planet … 16,384 times … To Crack A Single Key


I had to smile the other day when a company asked for my advice. They thought that 128-bit keys for AES were too small, and they were thinking of migrating their systems to 256-bit keys. A consultant from a major consultancy company had advised them that 128-bit keys were not safe and that they could be easily cracked.

I smiled because a 128-bit key has 340,282,366,920,938,463,463,374,607,431,768,211,456 possible values (2¹²⁸). If we try 10 billion keys per second, it will take:

529 million million million years

to brute force.

So what was the problem that the consultant had identified?

Well, they reported that they were worried about GPU crackers and cloud-based instances. But GPU crackers generally attack hashes, not AES. There are many weaknesses in password hashing that make it fairly easy for hashed passwords to be cracked. Anyway, what really matters is the cost of the work: how much an adversary would have to spend to crack the messages. Also, the way you generate the keys from passphrases actually matters more than the key size. If the keys are truly random, then there’s virtually no chance that an AES encrypted message will ever be cracked within our…
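The brute-force arithmetic and the point about passphrase-derived keys, worked through as an added example that is not from the original article: it estimates average search time at the article's 10 billion trials per second and counts how many keys a constructed 3-digit PIN policy can ever produce. The passphrase policies, the salt, the PBKDF2 iteration counts and the cost model (one KDF iteration costs one key trial) are assumptions.

```python
import hashlib
import math

RATE = 10_000_000_000            # key trials per second, the figure used in the article
SECONDS_PER_YEAR = 365 * 24 * 3600

def effective_bits(key_bits, alphabet_size=None, length=None):
    """Search space in bits: the key space, capped by the passphrase space if the key is derived."""
    if alphabet_size is None:            # truly random key
        return float(key_bits)
    return min(float(key_bits), length * math.log2(alphabet_size))

def average_years(bits, kdf_iterations=1, rate=RATE):
    """Average time to search half the space. Assumption: one KDF iteration costs one trial."""
    return 2.0 ** (bits - 1) * kdf_iterations / rate / SECONDS_PER_YEAR

def derive_key(passphrase, salt, key_bits, iterations):
    """PBKDF2-HMAC-SHA256 from the standard library, output cut to the AES key size."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, iterations,
                               dklen=key_bits // 8)

def reachable_keys(candidates, salt, key_bits, iterations):
    """Every key this passphrase policy can ever produce for the given salt."""
    return {derive_key(p, salt, key_bits, iterations) for p in candidates}

def summary():
    salt = b"constructed-salt"                    # constructed sample value
    pins = [f"{n:03d}" for n in range(1000)]      # constructed policy: 3-digit PIN
    rows = {
        "random 128-bit key": average_years(effective_bits(128)),
        "random 256-bit key": average_years(effective_bits(256)),
        "8 lowercase letters -> 256-bit key": average_years(effective_bits(256, 26, 8)),
        "same, 600,000 PBKDF2 iterations": average_years(effective_bits(256, 26, 8), 600_000),
    }
    # The key length changes the size of each key, not the number of keys to try.
    reach = {bits: len(reachable_keys(pins, salt, bits, 100)) for bits in (128, 256)}
    return rows, reach

if __name__ == "__main__":
    rows, reach = summary()
    for label, years in rows.items():
        print(f"{label:40s} {years:.3g} years")
    for bits, count in reach.items():
        print(f"{bits}-bit keys reachable from a 3-digit PIN: {count}")
```

A 256-bit key derived from a weak passphrase is still only as strong as the passphrase space times the KDF cost, while a truly random 128-bit key is on the order of 10²⁰ years of work at this rate.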


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice
