by pxx 973 days ago
> Encryption gets broken eventually as we get more compute power

What, no. Encryption gets broken only because we find weaknesses, not because compute power increases.

You can never straight up brute force a full-strength 512-bit key. That's just a fact of the universe. If the scale of your attacker is less than "literally the whole universe since the beginning of time", 256 bits will suffice against any future human developments.

But even less capable encryption is fairly strong. I would find it unlikely* that a single 3DES-encrypted message (a standard from 1981 with 112 bit effective key length) will be brute-forced, even with novel cryptanalysis, in your lifetime.

Even quantum computers won't help substantially for the capability in breaking a symmetric-key algorithm. Maybe** that 3DES message from 1981 can be broken with them, but any modern settings will not be.

*Unlikely as in less likely than not. I would be surprised if this happens, but the example here is to indicate that even obsolete messages don't have any constructive breaks against them, not that all 3DES messages are secure

**This would be a huge win for quantum computers, beyond imagining for now. But even with this huge win, you can't make such headway for a 256-bit key.

2 comments

I remember reading Schneier's Applied Cryptography, where he mentioned Landauer's principle [1] and things like the entire energy output of our sun over an appreciable amount of time. If you play with it, you end up realizing that a 50 character line noise password is absolutely insane overkill (assuming you didn't realize that from other, unrelated directions.)

Cryptography benefits from having a larger than practical keyspace due to what happens if the algorithm is weakened beyond brute force. But this happening isn't a given.

[1] https://en.wikipedia.org/wiki/Landauer%27s_principle

> You can never straight up brute force a full-strength 512-bit key. That's just a fact of the universe.

If there is some number of bits n < 512 where brute forcing an n-bit key is not a "fact of the universe", does it stand that cracking 512 bit keys is also not a fact of the universe?

No? That's like saying "if my glass can fit a drop of water, then it can also fit an ocean". There is an upper bound to how much processing power there can be in the universe, and 512 bit keys need more than that to be cracked.

That's assuming classical computers though, right? What about future quantum computing developments?

I guess it depends on the algorithm they chose, HChaCha20 is the symmetric encryption algorithm for libsodium.js which is quantum resistant.

https://doc.libsodium.org/secret-key_cryptography/secretstre...

https://crypto.stackexchange.com/questions/79518/is-xchacha2...

Most if not all symmetric encryption is quantum resistant though (with a large enough key). Quantum computing only causes problems for asymmetric algorithms that involve factorisation iirc

The key words here are "brute force" -- there might be some [possibly quantum] techniques around it, but probabilities around guessing and checking an arbitrary number remain constant.
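
The Landauer-limit argument from the comment citing Schneier, and the quantum question raised in the later replies, worked through as an added example (not part of the thread or any commenter's code). Assumptions: an ideal classical machine held at 3.2 K that spends one irreversible bit erasure per key tried, and Grover's algorithm as the quantum search, which needs about 2^(n/2) cipher evaluations.

```python
import math

K_BOLTZMANN = 1.380649e-23    # J/K (exact SI value)
SUN_LUMINOSITY_W = 3.828e26   # W (IAU nominal solar luminosity)
SECONDS_PER_YEAR = 365.25 * 86400
ASSUMED_TEMP_K = 3.2          # assumption: machine cooled to roughly deep-space temperature


def landauer_joules(temp_kelvin=ASSUMED_TEMP_K):
    """Minimum energy to erase one bit: k * T * ln 2."""
    return K_BOLTZMANN * temp_kelvin * math.log(2)


def log2_trials_per_solar_year(temp_kelvin=ASSUMED_TEMP_K):
    """log2 of the key trials one year of the Sun's entire output can pay for,
    at one bit erasure per trial (the cipher itself is assumed to cost nothing)."""
    energy = SUN_LUMINOSITY_W * SECONDS_PER_YEAR
    return math.log2(energy / landauer_joules(temp_kelvin))


def log2_solar_years(key_bits, temp_kelvin=ASSUMED_TEMP_K):
    """log2 of the solar-years of energy needed just to count through 2**key_bits keys.
    This is a floor, not a feasibility estimate: a negative result only means the
    thermodynamic bound rules nothing out for that key size."""
    return key_bits - log2_trials_per_solar_year(temp_kelvin)


def grover_effective_bits(key_bits):
    """Grover's search takes about 2**(n/2) evaluations, halving the exponent."""
    return key_bits / 2


def report(sizes=(112, 128, 256, 512)):
    """Rows of (key bits, log2 solar-years classically, effective bits under Grover)."""
    return [(n, round(log2_solar_years(n), 1), grover_effective_bits(n)) for n in sizes]


if __name__ == "__main__":
    print(f"one solar year pays for about 2^{log2_trials_per_solar_year():.1f} trials")
    for bits, years, grover in report():
        print(f"{bits:>4}-bit key: 2^{years} solar-years classically, "
              f"~{grover:.0f}-bit work under Grover")
```

For comparison, the age of the universe is roughly 2^34 years, so the rows for 256 and 512 bits sit far beyond it, while the 112-bit row comes out negative: for 3DES the thermodynamic floor alone decides nothing.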