Member-only story
Fun Facts With Encryption Keys: What Takes 183,587 Million Million Million Million Million Million Million Million Million Years to Crack?
I once heard from a company that was advised that they should migrate from 128-bit AES to 256-bit. The advisor said that 128 bits could be easily cracked. As will we find, it is certainly possible to crack it, but it will take 539 million million million years to do so (on average) for a fast encryption cracker.
The basics of keys
With symmetric key encryption (such as with AES encryption), an encryption key is used to encrypt plaintext into ciphertext, and decrypt ciphertext to plaintext. The more keys we have, the longer it will take, on average, to find the correct key. For example, if we have a 4-bit value, we will have 2⁴ keys (16).
Overall, the number of encryption keys will be 2^n. If we try M keys per second, then the average time to crack by brute force will be 2^n/(2.M) seconds. If we have a 36-bit key, we then have 3,668,719,476,736 (2³⁶ keys), and if we can try 10 billion keys (10x10⁹) keys per second, it will take 3.44 seconds on average to find the correct key. Here is a simple calculator for the times to crack various sizes of keys using 10 billion keys tried per second:
https://asecuritysite.com/principles/key?keys=10000000000
Now let’s try 128-bit and 256-bit randomly generated keys
Normally, for AES encryption, we use either 128-bit or 256-bit keys. So, let’s see how long it would take to crack them by brute force, and for a randomly generated encryption key.
For a 128-bit key, we have 340,282,366,920, 938,463,463,374, 607,431,768,211,456 different keys (2¹²⁸). If we now crack at 10 billion keys per second, the average time to crack will be 539,514,153,540,301,000,000 years. That is 539 million million million years!
Now, let’s try a 256-bit key.
For a 256-bit encryption key, it would take 183,587,153,154,040,000,000, 000,000,000,000,000,000,000,000,000, 000,000,000,000 (183,587 million million million million million million million million million) years to crack using brute force, and with 100 billion keys tested per…
