[Dylan16807]

> I can't think of anything from 30 years ago that isn't just a joke today.

AES is only 3 years shy of 30.

If you used MD5 as a keystream generator I believe that would still be secure and that's 33 years old.

3DES is still pretty secure, isn't it? That's 44 years old.

As for today's data, there's always risk into the future but we've gotten better as making secure algorithms over time and avoiding quantum attacks seems to mostly be a matter of doubling key length. I'd worry more about plain old leaks.

[b112]

I'll concede your point re: current status of some encryption. However there are loads that were comprised.

How do you tell which will fall, and which will succeed in 30 years?

All this said, I just think proper mental framing helps. Considering the value of encrypted data, in 30 years, if it is broken.

In many cases... who cares. In others, it could be unpleasant.

[Dylan16807]

> However there are loads that were comprised.

There are a lot of interactive systems that have attacks on their key exchange or authentication. And there are hashes that have collision attacks.

But compromises that let you figure out a key that's no longer in use have not been common for a while. And even md5 can't be reversed.

I agree with you about being wary, but I think encryption itself can be one of the stronger links in the chain, even going out 30 years.

[bluGill]

30 years ago we had a good idea. Anything considered good 30 years ago - 3DES- still is. Anything not considered good has turned out not to be. We don't know what the future will hold so it is always possible someone will find a major flaw in AES, but as I write this nobody has indicated they are even close.