George James wrote: > > Tim Churches wrote: > >Of course, future computers might be much, much faster, or a 160-bit > >quantum computer may be able to examine all the possibilities for a > >160-bit symmetrical key all at once and crack it instantly...but I am > >not worried yet. The point is that if secrets need to be maintained, > >then one must be prepared to re-encrypt them using better algorithms > >and/or longer keys as the decryption technology advances. You should not > >assume that once encrypted, secrets will be safe forever, although with > >a reasonable choice of key length, you probably only have to worry every > >10 years or so. But where are the systems to remind us of things which > >were encrypted 10 years ago? > > Of course, if you encrypt information using current key lengths, then > re-encrypting it in the future with a stronger key would be pointless > if the more weakly encrypted version was still available. Once it's > out there, it is out there.
Indeed! I think I was thinking of private medical databases - at least that's my excuse - but the context was in fact encryption of publically accessible databases, in which case my suggestion about re-encrytion is, as you point out, bollocks. Cheers, Tim C
