No one is quite sure when, or whether, that day will arrive. When we considered quantum crypto-cracking in 2019, University of Chicago computer science professor Diana Franklin suggested, "It is possible that Shor's algorithm could be implemented in the next 15 years," while allowing predictions of this sort are notoriously difficult to get right.
has seemingly shown that AES-256 will not be directly cracked for at least the next 200 years (unless we manage to harvest the energy output of distant stars). The only available attacks will continue to be indirect attacks like brute-forcing the original password, etc.
RSA-2048, ECDSA (on a 256-bit curve), SHA-1, SHA-256 and AES-256 are all "equally" uncrackable in that they are all in the wide category of "we don't know how to break them with existing or foreseeable technology".
Finally, even if we have a bug-free, formally verified implementation of mathematically-proven cryptographic protocols, the other software on the computer could be insecure or improperly-configured and vulnerable to compromise. Your Bitcoin wallet may be strongly-encrypted, but this doesn't matter if your Windows machine gets a virus that snoops on your keystrokes. People themselves are also a weak link; research has repeatedly demonstrated that people will pretty much hand over whatever sensitive information is asked of them for a piece of candy or an animated GIF of a cat.
In 2016, it took several hundred standard computers two years to crack an encrypted message with a key that was 768 bits long. If it were a 1,024-bit key, it would have taken 1,000 times longer, and it is estimated that cracking the current highest standard of a 4,096-bit key would take more than a billion years! So, the speed at which computers can crack encrypted messages determines our security and, conversely, our vulnerability1. However, in 1994, Peter Shor from the Massachusetts Institute of Technology (MIT) showed that using his algorithm, a quantum computer could factor large numbers quickly and, in principle, easily crack encryption that is secure when using standard computers.
Advanced Encryption Standard (AES) is an encryption algorithm that encrypts fixed blocks of data of 128 bits at a time and is probably the most common encryption method today. RSA (named after its founders) is a public-key encryption algorithm that is also popular over the internet. RSA-200 has 200 decimal digits (maximally equivalent to about 663 bits), which can be factored into two 100-digit primes. The CPU time in identifying these primes by a collection of parallel computers would amount to approximately 75 years of work for a single 2.2 GHz Opteron-based computer3. However, for a quantum computer, a 128-bit or 256-bit encryption could be easily cracked by a 5-qubit computer, a feat achieved in 2002.
In principle, if Shakuntala could break 663 bits (equivalent to the processing power of about a 9-qubit quantum computer), she would be able to crack most of the encryption on the internet today (based frequently on 128 bits or 256 bits) with ease, much like a quantum computer. How could a human brain do it, in the absence of a quantum processor?
Considered a staple of asymmetric encryption. Designed by the engineers that gave it its name in 1977, RSA uses the factorization of the product of two prime numbers to deliver encryption of 1024-bits and up to 2048-bit key length. According to research conducted in 2010, you would need 1500 years of computational power to crack its smaller 768-bit version!
When you factor in an RSA private key, the figure skyrockets even more. RSA derives its name from the names of its creators namely, Rivet, Shamir, and Adleman. According to DigiCert, cracking a 2048-bit RSA key with a standard computer would take 6.4 quadrillion years (6,400,000,000,000,000 years).
The encryption strength of an SSL/TLS protocol depends on the capabilities of the browser and server. Configuration is also an important factor. If a hacker is able to crack a 256 bit symmetric key, the SSL/TLS certificate may have been replaced.
The longer the encryption key, the longer it takes to crack it. And the longer it takes to crack, the more robust the encryption is. Even for the fastest computer on Earth, it would take billions of years to brute force AES-256.
1Password also uses AES 256-bit end-to-end encryption to protect your data. In addition to your master password, you must also enter a secret key in order to login, an extra layer of security that protects your account. It also offers a Travel Mode, which allows you to delete sensitive data off your device and restore it with a click once you get to your destination. Like Bitwarden, 1Password also has a password generator to create a strong password no one can crack or guess. 1Password also enables multi factor authentication through a number of plugins, such as Authy and Microsoft Authenticator. 1Password accounts also include unlimited devices.
But computers keep getting faster, thus sometimes making the impossible possible. Many Diffie-Hellman implementations use numbers of a little over 300 digits long (1024 bits). These keys, the paper showed, can be cracked within a year for around 100 million US dollars. (Some people believe it can be done even more cheaply, but only the ballpark figure matters here.)
Imagine what would happen if many Diffie-Hellman implementations used the same fixed prime number: an adversary could spend a lot of time and money doing the required computations for this prime number and subsequently use that to crack key exchanges as they happen in real time. Knowledge of the secret key allows an adversary to read all the supposedly encrypted traffic between millions of Alices and Bobs around the world.
It would actually be a good rule of thumb to choose the strength of your encryption algorithms such that it would be too expensive for the most powerful adversary to attack, even if they would automatically crack all other implementations of the same protocol. For Diffie-Hellman, using longer numbers of 2048 bits (more than 600 digits) will do just fine.
A cryptosystem is only as good as its randomness. Insufficient entropy in key generation has led to many attacks against cryptosystems. One such example was a bug in Android's SecureRandom module, which caused the Android Java module to output low-entropy random numbers. This led to many major Bitcoin apps generating insecure private keys, many of which were quickly cracked. There have also been numerous reports of keys generated using various ad hoc heuristics, which are routinely compromised. When it comes to cryptocurrencies, sloppy key generation translates into theft and loss of funds.
Just to give you a sense how much more efficient ECC is than RSA: the computational energy required to crack a 228-bit RSA key would be enough to boil a teaspoon of water. The energy required to crack a 228-bit ECC key would be enough to boil all of the water on earth.
In fact, we know that there exists an efficient algorithm for computing discrete logarithms. It's called Shor's algorithm, and we know with certainty that it can efficiently crack an ECC key.
But once quantum computers do become feasible at scale, we know that both RSA and ECC will be crackable using Shor's algorithm. This has galvanized a new competition by the National Institute of Standards and Technology (NIST) to solicit new quantum-resistant algorithms for public-key cryptography. All of the post-quantum encryption schemes under consideration are at least an order of magnitude slower than ECC, and many of them have already been broken.
Louis Cordier:It is true that ordinary processors dont double their raw processing speed every 18 months anymore.However, the trend goes now to multi-core processors. A multi-core processor is perfect for cracking SHA-1 since there are a lot of independent calculations to do.
To the comment about salted SHA hashes (SSHA) you should note that a cracker has been released for this, SSHA Attack. It was written by the team at neurofuzz and works well even though the larger sizes do force a time consuming process. It works nevertheless and is worth a look. It is on SF at -attack