[cm2187]

The other thing is that cryptography doesn't make a conversation completely private forever.

I remember a conference where old crypto algorithms were mentioned. Unbreakable in the 80s or 90s but now trivial to decipher. The speaker implied that both Russia and the US would have carefully recorded and stored all of each other's communication and that we can bet that the content of these communications is still interesting today, not just for their historical interest.

We live old. Much older than the technologies we use. Now our gvt is doing to us what they would only do to foreign embassies.

[tptacek]

I think it's important to keep in mind that crypto is probably not on a Moore's-Law-like track, so that the ciphers we're relying on today will probably be trivial to break in 20 years. In fact, the things that make 80s-90s crypto breakable mostly aren't algorithmic weaknesses but rather implementation flaws that weren't well understood then but are now.

Quite a bit of 90s crypto remains unbreakable, because the data is at rest and will never be put back into a circumstance that exposes the weaknesses of its cryptosystem.

[pbsd]

The Russian counterpart to the DES, GOST 28147-89, still stands to this day. A 64-bit block cipher with a 256-bit key, designed in the 70s.