It really doesn't help. The problem is that you just can't crack heavy crypto by brute force due to the laws of physics.
What’s thermodynamics? Can the NSA get around that?
Thermodynamics is a branch of physics that concerns itself with heat. Or maybe it concerns itself with the ultimate fate of the universe. Or maybe it concerns itself with how much energy it takes to get stuff done. All answers are accurate.
Entropy is a measure of the statistical disorder of a system. In physics, disorder manifests itself as heat. Something that’s hot is in a much, much more disordered state than something that’s cold. In computer science, disorder manifests itself as…
…heat.
This is something that stunned Claude Shannon when he discovered it. He was trying to figure out a way to measure the information content of telephone lines, and the equations he kept on discovering looked very familiar. Shannon eventually called it “entropy”, just because the equations were the same as the physics equations for entropy. Shannon’s discovery was that information and “entropy” were opposite sides of the same coin: an increase in one necessarily involved a decrease in the other.
Thank you, Rolf Landauer.
Whether these two entropies represent the same thing is a subject of immense debate within computer science. What nobody disagrees on, though, are the real–world implications: that every single time you discard information, you have to pay a cost in heat. Period. End of sentence.
This number is very, very small, but it’s not zero. Every single time you lose a bit of information, you pay kT ln 2 joules of energy. That’s how much energy has to leak from the system with every single bit of information that’s lost.
This is an incredibly small amount—about 10^-23 joules per bitflip. By comparison, a car battery puts out about 10^26 times that each and every second. That’s a huge difference, just mind–blowingly huge. Most people think we can just ignore the Landauer Bound… but when it comes to crypto, that’s just folly.
Assume a 128–bit cipher. Each time you want to try a new key, you’re going to have to discard (on average) 64 bits. 64 is close enough to 100 for our purposes—we want some quick back–of–the–napkin estimates, nothing more—so let’s write down: “each key = 10^2 bits lost.”
Now, to break a 128–bit cipher by brute force requires, on average, 2^127 attempts. That’s close to 10^38, so let’s write that down. “Total attempts = 10^38.”
Multiply the two numbers together to get the total number of bits of information you’ve discarded. To multiply together two numbers written in scientific notation, you add together their exponents. 10^2 × 10^38 = 10^40.
Finally, we have to multiply our total number of discarded bits by the price we have to pay for each of them. Just like before, multiplying scientific–notation numbers is addition… except this time, one of the numbers is negative, so we can think of it like subtraction. 10^40 × 10^-23 = 10^17.
That gives us an absolute lower bound on the amount of energy we would have to lose while brute–forcing a 128–bit key. 10^17 joules… but that’s just a number. It doesn’t mean much to us, does it? So let’s put it in terms we can understand.
Some of the younger crowd might think I’m overstating things here. Please, listen to me very carefully:
Nothing pleases me more than the fact you live in a world where you don’t need to worry about nuclear war.
Seriously. Keep on thinking I’m an old fogey who probably rants about the “godless Communists” in his sleep. It’s all right.
But please know that I am so, so pleased that you have the freedom to grow up without worrying about nuclear annihilation.
A one–megaton nuclear weapon—the citykillers which terrified a generation during the Cold War, the devices so terrible they were correctly called “portable concentration camps”—they work by releasing a lot of heat. A Bomb, a citykiller, something that can turn an entire city into radioactive ash, releases 10^15 joules of heat.
If multiplying two scientific–notation numbers is addition, then dividing them is subtraction. 10^17 joules of energy ÷ 10^15 joules per citykiller equals 10^2 citykillers.
In other words, it would take one hundred strategic nuclear warheads just to power the computer to break a 128–bit cipher by brute force.
Let me say it clear and cold: anyone who says the NSA has the computing power to brute–force a 128–bit cipher is living in a fantasy.
The math just doesn’t work.
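The estimate above carried through without the napkin rounding, as an added Python example that is not part of the original text. It treats temperature as a free parameter (the page's 10^-23 joules per bit corresponds to roughly 1 kelvin), takes the page's 10^15 joules per citykiller as given, and generalizes the page's 64 discarded bits per try to half the key length; the function names are hypothetical.

```python
import math

K_BOLTZMANN = 1.380649e-23   # J/K, exact SI value
CITYKILLER_J = 1e15          # the page's figure for a one-megaton weapon

def landauer_joules_per_bit(temp_kelvin):
    """Minimum heat paid per discarded bit: kT ln 2."""
    return K_BOLTZMANN * temp_kelvin * math.log(2)

def brute_force_bound(key_bits, temp_kelvin, bits_lost_per_try=None):
    """Lower bound in joules on an average-case exhaustive key search.

    Follows the page's model: half the keyspace is tried on average.
    Assumption: each try discards key_bits / 2 bits unless overridden
    (the page states 64 bits for a 128-bit cipher).
    """
    if bits_lost_per_try is None:
        bits_lost_per_try = key_bits / 2
    attempts = 2 ** (key_bits - 1)   # exact integer, average case
    return attempts * bits_lost_per_try * landauer_joules_per_bit(temp_kelvin)

def napkin_bound():
    """The page's rounded figures: 10^2 bits x 10^38 tries x 10^-23 J."""
    return 10.0 ** (2 + 38 - 23)

def citykillers(joules):
    """Express an energy as a count of one-megaton weapons."""
    return joules / CITYKILLER_J

def report(key_sizes=(64, 80, 128, 256), temps=(1.0, 300.0)):
    """Rows of (key bits, kelvin, joules, citykillers) for each combination."""
    rows = []
    for bits in key_sizes:
        for temp in temps:
            energy = brute_force_bound(bits, temp)
            rows.append((bits, temp, energy, citykillers(energy)))
    return rows

if __name__ == "__main__":
    napkin = napkin_bound()
    print(f"napkin estimate: {napkin:.0e} J = {citykillers(napkin):.0f} citykillers")
    for bits, temp, energy, count in report():
        print(f"{bits:>3}-bit key at {temp:>5.0f} K: {energy:.2e} J ({count:.2e} citykillers)")
```

The bound scales linearly with temperature, so the same 128-bit search at 300 K costs about 3 × 10^19 joules; running the machine warmer only raises the price.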