[adrianN]

256 bits is out of bounds for brute forcing for any realistic amount of hardware you throw at it. So either they have attacks on the actual algorithms that drastically cut down the complexity compared to a brute force attack, or this law doesn't do very much (other than perhaps pave the way for other laws).

[caf]

It's also out of bounds for brute forcing for any realistic amount of Dyson Spheres you throw at it.

[willcipriano]

For those who don't get the reference:

"One of the consequences of the second law of thermodynamics is that a certain amount of energy is necessary to represent information. To record a single bit by changing the state of a system requires an amount of energy no less than kT, where T is the absolute temperature of the system and k is the Boltzman constant. (Stick with me; the physics lesson is almost over.)

Given that k = 1.38×10-16 erg/°Kelvin, and that the ambient temperature of the universe is 3.2°Kelvin, an ideal computer running at 3.2°K would consume 4.4×10-16 ergs every time it set or cleared a bit. To run a computer any colder than the cosmic background radiation would require extra energy to run a heat pump.

Now, the annual energy output of our sun is about 1.21×1041 ergs. This is enough to power about 2.7×1056 single bit changes on our ideal computer; enough state changes to put a 187-bit counter through all its values. If we built a Dyson sphere around the sun and captured all its energy for 32 years, without any loss, we could power a computer to count up to 2192. Of course, it wouldn’t have the energy left over to perform any useful calculations with this counter.

But that’s just one star, and a measly one at that. A typical supernova releases something like 1051 ergs. (About a hundred times as much energy would be released in the form of neutrinos, but let them go for now.) If all of this energy could be channeled into a single orgy of computation, a 219-bit counter could be cycled through all of its states.

These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space."[0]

[0]https://www.schneier.com/blog/archives/2009/09/the_doghouse_...

[SAI_Peregrinus]

Formatting removed some ^ symbols.

It's worth noting that if those Dyson spheres were quantum computers (and we ignored light-speed delays even within single spheres) you'd only need to count up to 2^128, not 2^256 to brute-force a 256-bit key. Still well outside the realm of possibility for anything smaller than a Dyson sphere.

[edoceo]

I didn't get the reference, thanks!

[rich_sasha]

I read about the NSA (I believe, or another TLA) having identified some weaknesses in encryption algorithms (RSA I think, though again, memoria fragilis est), that means they could just about break some cyphertexts.

The context was that, although the agency was committed (hmm) to making cybersecurity better for US citizens, and thus helping the cryptography community to improve security, they felt OK exploiting weaknesses, so long as they thought it would be too difficult for others to do so too.

Sorry it's so hand-wavy, I'd love to find the article for my own sake, but busy/hard to google.

[nyolfen]

you may be thinking of the logjam attack on dhke