|
|
|
|
|
|
by lxgr
1001 days ago
|
|
|
> How long into the future is an achievable and desirable duration for encryption (barring any rapid, unforeseen paradigm shift)? I don't think "years of expected security" (as used to be popular for e.g. RSA key lengths for some time) is a meaningful metric anymore: AES-256 and elliptic curve encryption are resistant against classical attackers until beyond the heat death of the universe, so their "time of security" is, for practical purposes, infinite. I'd expect that, for quantum-safe asymmetric algorithms as well as for AES, there is a similar number corresponding to fundamental pyhsical infeasibility, and then we can also just pick that rather than any low or high number of years. |
|
|
Ah! My understanding is out of date. Thank you for the detailed answer.