|
For no encryption scheme is the key space unlimited. For symmetric key ciphers, the keys are of a set length. AES accepts key lengths of 128, 192, and 256 bits. For asymmetric ciphers, they vary even more. The RSA-XXXX designation refers to the length of n, which is the product of two primes (which must be kept secret) p and q. So for RSA-2048, p and q are roughly 1024-bit numbers. In addition, the secret exponent can frequently be quite large, although as it's calculated from the public key exponent and n its size is not guaranteed. Ultimately however, all of these are designed so that the key spaces are too large to be feasibly brute-forced searched. The reason for the much larger size of the keys for the asymmetric ciphers is that their security is usually based on the difficulty of solving a problem (in RSA's case, factoring n into p and q, or the equally difficult problem of determining the totient of n) that gets more difficult as the keys get larger. EDIT: And yes, one-time pads are theoretically unbreakable, however they can only be used once (as the name implies, but if they are used twice recovering the key is trivial), must rely on a sufficently good quality random number generator (which Matt Green recently had a very good article describing how hard it is to do: http://blog.cryptographyengineering.com/2014/03/how-do-you-k...) and they have the same issues that any symmetric key ciphers have, in terms of key distribution. They're useful when you have old women in Bletchley Park spinning bingo balls and carefully copying into two notebooks. Less so when you're trying to build a usable system for secure communication. |