Quote from: SorryMario on January 09, 2013, 09:07 pm
AFAIK, PGP keys of any size have never been "cracked" but rather were attacked through "brute-force" by going through all possible combinations. Some algorithms have been developed that can *slightly* reduce the amount of time needed to brute force a given key, but it still takes time and computing power to break even the 512bit keys.

You're confusing factoring versus brute-force. PGP keys HAVE been factored, albeit small ones.

Quote from: SorryMario on January 09, 2013, 09:07 pm
With any sort of cryptography other than an OTP (one time pad, as mentioned by SelfSovereignty), it's important to think of security in terms of how long it would take a determined attacker with immense resources to decrypt the message with brute force. Any given message encrypted with 512bit encryption could probably be deciphered in a few days with government resources, 1024bit probably a few years, and 2048bit a few millennia (Moore's "law" notwithstanding).

It was speculated about 11 years ago now, based on some of Bernstein's work, that the Feds may have the ability to factor 1024-bit keys in a reasonable amount of time. This is why Cypherpunk Lucky Green revoked all of his 1024-bit keys in the Spring of 2002.

Quote from: SorryMario on January 09, 2013, 09:07 pm
And remember this is the time for breaking any one particular message - any other messages encrypted with the same size key would also each require the same computational investment to decipher. And please note these numbers are approximations pulled out of my ass - I'd Google it all, but Tor is too slow for that kind of research.

I believe this to be incorrect. If, as was common with the original PGP key format, one key was used for signing, authentication, and encryption, then once a key is broken (i.e. factored) ALL messages encrypted with that key can be decrypted.

Factoring or breaking the key essentially refers to the derivation of the private half of the key from the public half. With the modern dual-RSA key format, once an encryption sub-key is factored, all messages encrypted with that sub-key can be decrypted. That is why it is frequently recommended that the encryption sub-key be periodically destroyed and replaced, so as to yield forward secrecy.

Quote from: SorryMario on January 09, 2013, 09:07 pm
Now the quantum computing bugaboo could render this all irrelevant, but it would also render the crypto used by governments and financial institutions irrelevant too. Fortunately quantum computing is 99% theoretical and the 1% that is actually achievable is essentially useless. QC has intractable problems related to decoherence and integrating input-output infrastructure which makes it nearly impossible to scale up to any useful applications. QC is mostly useful in investment scams and as disinfo to make people doubt their cryptographic security. Just my 2-bits ;)

To the best of my knowledge, the largest number that has yet been publicly factored by a quantum computer is the number 15. This number can also be factored by a dog trained to bark 3 times.

Nightcrawler
PGP-Key: 4096R/BBF7433B 2012-09-22
Key fingerprint = D870 C6AC CC6E 46B0 E0C7 3955 B8F1 D88E BBF7 433B
http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090
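The point Nightcrawler makes above, that "breaking" an RSA key means deriving the private half from the public half and that everything encrypted to that sub-key then falls at once while a rotated sub-key stays safe, worked through as an added toy example (not code from the original post). It uses constructed primes small enough for trial division; real key sizes are not factorable this way.

```python
"""Toy RSA: factor a public modulus to recover the private exponent, decrypt
every message under that sub-key, and show a rotated sub-key is unaffected.
Added example with constructed, deliberately tiny primes."""
from math import gcd


def make_key(p: int, q: int, e: int = 65537):
    """Textbook RSA key pair from two primes; returns (public, private)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1
    d = pow(e, -1, phi)  # private exponent
    return (n, e), (n, d)


def encrypt(pub, m: int) -> int:
    n, e = pub
    return pow(m, e, n)


def decrypt(priv, c: int) -> int:
    n, d = priv
    return pow(c, d, n)


def factor(n: int):
    """Trial division; only feasible because the toy modulus is ~40 bits."""
    for p in range(3, int(n ** 0.5) + 1, 2):
        if n % p == 0:
            return p, n // p
    raise ValueError("no factor found")


def private_from_public(pub):
    """'Breaking' the key: derive the private half from the public half."""
    n, e = pub
    p, q = factor(n)
    return n, pow(e, -1, (p - 1) * (q - 1))


def demo():
    # Two encryption sub-keys, as after a sub-key rotation (constructed primes).
    pub_old, _ = make_key(1000003, 1000033)
    pub_new, _ = make_key(1000037, 1000039)
    msgs = [42, 1234567, 987654321]
    old_cts = [encrypt(pub_old, m) for m in msgs]
    new_cts = [encrypt(pub_new, m) for m in msgs]
    recovered = private_from_public(pub_old)  # one factoring, every old message
    old_plain = [decrypt(recovered, c) for c in old_cts]
    garbage = [decrypt(recovered, c) for c in new_cts]  # useless vs. new sub-key
    return old_plain, garbage
```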