by Boogie_Man 1001 days ago
Actively resisting future attackers and hardware is an incredibly forward-thinking thing to do, bravo. How long into the future is an achievable and desirable duration for encryption (barring any rapid, unforeseen paradigm shift)? If ten years is acceptable for declassification of standard documents in the US, is this a reasonable target for day-to-day Signal chats?
2 comments

Maybe we need a statute of limitations for encrypted data to help with future proofing/make the collection useless in a court of law? If you go to lengths to encrypt your data, there should be some current and future expectation of privacy around it, even if someone can decrypt it.
To my understanding, despite variance from state to state, a general "rule of thumb" for the statute of limitations outside of "the big R" and "the big M" is ten years. This squares with the generic declassification timetable. I can't think of anything I'm genuinely upset about from more than a decade ago. I feel that I am an almost completely different person than I was a decade ago. If I found out someone robbed a bank ten years ago I'd be more inclined to think "That's wild, how did that go?" than I am "Oh no this guy is going to rob me".
> How long into the future is an achievable and desirable duration for encryption (barring any rapid, unforeseen paradigm shift)?

I don't think "years of expected security" (as used to be popular for e.g. RSA key lengths for some time) is a meaningful metric anymore:

AES-256 and elliptic curve encryption are resistant against classical attackers until beyond the heat death of the universe, so their "time of security" is, for practical purposes, infinite.

I'd expect that, for quantum-safe asymmetric algorithms as well as for AES, there is a similar number corresponding to fundamental physical infeasibility, and then we can also just pick that rather than any low or high number of years.

> I'd expect that, for quantum-safe asymmetric algorithms as well as for AES, there is a similar number corresponding to fundamental physical infeasibility, and then we can also just pick that rather than any low or high number of years.

Ah! My understanding is out of date. Thank you for the detailed answer.