1

I hear all the time how many hours it would take to break a certain type of encryption. I think this may be the wrong metric to look at ever since scaling became an easy to implement solution.

Sure you can measure the hours it would take to break AES encryption with the fastest GPU on the market and that metric generally puts us in comfort towards feeling like there is no chance our crypto could be cracked anytime within our grandchildrens' lifetimes.

The thing is though, governments aren't limited by computational power, they're limited by their budgets and the United States defense budget for example landed somewhere around $600 billion this year.

It would have to be a simple metric like how much would it cost with the best hardware on the market to crack X type of crypto within one week. or, how many keys under Y encryption could be brute forced with $10 billion of computational power within a year.

While this might seem a little out of proportion, if DirectTv can be bought for $48 billion why is it so crazy to think that a government power wouldn't throw in even a small chunk of their budget to exceed anyone's expectations for crypto cracking strength?

Sure it would be a few extra variables and make the math a little harder to figure out. Even if we just kept it simple like what is the best hardware on the market per dollar and crossed those abilities at the scale of say even 1% of a government's total budget and corssed that with the strength of different crypto algorithms, I feel like we would have a more realistic view for how strong cryptography actually is in this constantly evolving industry.

codykochmann
  • 277
  • 1
  • 6
  • 1
    Cost can change as hardware advances (e.g. there's new GPUs constantly). How do you account for this? – puzzlepalace Oct 28 '15 at 23:04
  • an open sourced page that tracks one thing, the best hardware at the time. Then cross that with an algorithm that checks the current market prices for that chip to keep that analytic as fresh as possible. – codykochmann Oct 28 '15 at 23:27
  • Already answered [here](http://crypto.stackexchange.com/q/1145/1172) – Maarten Bodewes Oct 28 '15 at 23:28
  • im asking why this statistic isnt the standard instead of the current semi incomprehensible number of hours its estimated to take. – codykochmann Oct 28 '15 at 23:30
  • 1
    So ... you think that currency is more comprehensible than time. I'll need a few dollars to think about this... – Maarten Bodewes Oct 28 '15 at 23:34
  • 1
    I think time is easier to explain to engineers because we are constantly trying to minimize it. In terms of explaining to a CEO with a business major that right now it would cost any enemy of that company $5000 and a month to break into their current security system it would be a little more incentivizing than saying it would only take 50,000 hours to break this setup. It's not the engineers fault that security isn't prioritized in the business world, we try and always will, it's that we aren't using the right words to explain how easy it is to break things to those who think in terms of cost. – codykochmann Oct 29 '15 at 00:07
  • Very intersting question. @puzzlepalace Cost will change, but so does time with better hardware. – Marcel Oct 29 '15 at 09:18

1 Answers1

1

There can never be a straightforward calculation for this.

For example if you look at the LogJam attack and rainbow tables it is quite clear that there is a clear trade-off and breakdown in the resources that can be invested to crack 'every' encryption event and the resources required to crack one encryption event.

Obviously each cypher and protocol (and implementation too) will be critically examined to push both the initial investment and per encryption cost higher and higher. Logjam will push for better choices in coming years.

Candidate list of different components

  • Pre-Compute requirements for the specific use-case to be attacked.
  • On the Fly or after the fact requirements for the specific use-case to be attacked.
  • Number of Candidate Events for the use-case that might be attacked (by a nation state for example) The pre-compute requirement costs can be spread over these use-cases.

And these components will change quickly and the applicable use-cases will be many and varied.

Andrew Russell
  • 3,633
  • 1
  • 20
  • 29
  • then focus on the heavily recommended and used methods first. I see sha256 for example is recommended nearly everywhere I go. That and DH cyphers could be a good base to work off of. – codykochmann Oct 28 '15 at 23:29
  • It isn't that simple, as logjam is an attack on DH where some shared numbers were attacked with a complex precomputation. So the re-use of those numbers created a large group of people that could be pre-computed https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/ for more detail. – Andrew Russell Oct 28 '15 at 23:55
  • wouldnt that just add a statistical footnote to conclude something like "it would take X dollars and one month of time to crack it if you arent already in the estimated Y% of keys that have already been precomputed"? – codykochmann Oct 29 '15 at 00:10