Blog

# Units for the security of AES-256

In a previous post I suggested that solar mass units (about 2 x 1030 kg) might be a good unit to measure the amount of computers needed to crack a 256-bit AES key. Is this really the case?

The EFF's DES Cracker could try about 92 x 109 keys per second. Let's assume that that machine weighed about 20 kg and round up the number of keys per second to about 1011. That means that that machine could try about 5 x 1012 keys/(sec kg). Let's assume that we have a machine that's 1 million times faster for the same mass. That's probably not too realistic, but if we assume that then we get that our hypothetical machine can test about 5 x 1018 keys/(sec kg).

That means that to recover a 256-bit key in one year we need

2256 keys x (1 sec kg / 5 x 1018 keys) x (1 yr / 31 x 106 sec) x (1 SMU / 2 x 1030 kg)

= 4 x 1020 SMU

of our hypothetical computers.

So it looks like I was actually wrong. Solar mass units really aren't big enough to measure the computers needed to crack a 256-bit AES key. Maybe a more appropriate unit would be a galactic mass unit. The Milky Way galaxy has a mass of about 2 x 1011 SMUs, so it would take about 2 billion GMUs of computers to crack a 256-bit AES key in a year. Maybe even that unit isn't big enough.