I think the title is slightly misleading. I don't think they're saying that the algorithm is exponentially easier to brute-force. Rather they are saying there is exponentially more computing power available over the duration of the attempt than previous calculations showed. Possibly the same result, but not the same thing.
I agree, it's a bit sensationalist, but I think it's accurate to say that it is exponentially easier to apply brute force than expected generally, with no real specific relation to AES. And maybe the lack of expectation is really the issue - we just don't look at the changes in compute capability enough, which doesn't change how strong AES is, just our perception of it and how to design security? But yeah, you're right, its not the same thing, and it can be misleading.
So if all computers ever made are were used and you added every PC fresh off the line to the brute force attack, you could calculate a single AES-256 key in just 100 years?! Better switch to 512-bit just to be sure.
lol, totally! Or we'll have no secrets from our grandchildren. I'm actually surprised how much the data still supports the old 1996 study that said 90-bits is necessary +2/3 bits per year to maintain strength. It's less than a decade for anything under 100bits, which is kinda the generally secure duration if I remember correctly.
Bruce Schneider's thermodynamic argument linked in the post (aka the Landauer principle[1]) shows clearly that there is not enough energy available in the solar system to feasibly brute force a 256 bit key.
So what exactly is being argued here then? That advances in computational tech will break the Landauer limit?
It seems more likely that the exponential growth of computational capacity will end soon.
It's not a straightforward linear relationship, though, it relies on exponential growth in computing power to a point past where physics allows it to go. I think you need a specific assertion as to how it will be possible to overcome the thermodynamics before you can make an affirmative claim that it is exponentially easier to brute-force AES than previously believed.
7 comments
[ 3.1 ms ] story [ 33.5 ms ] threadSo what exactly is being argued here then? That advances in computational tech will break the Landauer limit?
It seems more likely that the exponential growth of computational capacity will end soon.
[1] http://en.wikipedia.org/wiki/Landauer's_principle