Why is 128-bit encryption considered good enough for medium term security only? How is expected to be eventually broken? Quantum computing or brute force attack?
Asked
Active
Viewed 212 times
2
-
2Can you reference where you saw this? Was it talking about block ciphers, hash functions, something else? – mikeazo Apr 14 '16 at 02:07
-
2Likely suite B or discussion informed by suite B. – Thomas M. DuBuisson Apr 14 '16 at 05:36
1 Answers
6
Why is 128-bit encryption considered good enough for medium term security only?
Because in the long term it is expected that mankind will be able to carry out $2^{128}$ operations because it's not physically as impossible as $2^{256}$ operations.
Quantum computing or brute force attack?
Assuming quantum computers work at a speed comparable to classical computers nowadays, they can break 128-bit encryption using $2^{64}$ operations (Grover's algorithm) which is considered feasible in the long-term, of course this should be considered additional to classical brute-force which may also be feasible at some point.
SEJPM
- 45,967
- 7
- 99
- 205