2048 bit keys don't have 2^1024 times bigger key space than 1024 bit keys, key space only doubles with each bit for symmetric keys. there are two 1 bit keys: 1 0 there are four 2 bit keys: 11 00 01 10 any combination of 1's and 0's can be used as a key, and thus (assuming the key is properly derived from an entropic enough passphrase), the attacker must try all possible combinations (or until they find the correct one). With asymmetric crypto, the problem is a bit different. You are not guessing permutations of 128 or 256 bits until you get it right. Rather you have some number, perhaps a large composite number, and you need to find other numbers that are related to it, perhaps you need to find two prime numbers that are multiplied together to equal it. The difficulty of solving these problems generally does not double for each additional bit, where as the difficulty of finding a permutation of 2^x bits obviously doubles for each additional bit. I am sure someone better at mathematics can explain it better than I can, unfortunately I am not aware of the exact algorithm used to calculate asymmetric key space for a certain algorithm / key strength. I know there have been several different algorithms of different efficiency for prime factorization, however none of them are efficient enough to be a threat to sufficiently large key spaces. But the point is that it is a bit more of a moving target I suppose. I am not sure when the last major break through regarding prime factorization algorithms was either. Here it says that 600 bit RSA is 25 times harder than 512 bit RSA, but obviously a 600 bit symmetric key is 2^88 times harder than a 512 bit key. https://www.rsa.com/rsalabs/node.asp?id=2088