I remember the distributed.net days when they used tens of thousands of home computers to break 56 bit (symmetric) encryption, and that took a few years. I don't know what a few tens of thousands of computers today would be capable of cracking in a few years. 64 bit? 72 bit? Probably not more than that. On reflection, it was stupid of me to estimate the PGP key space based on that.