Font size:

How is key length related to security?

In the case of Symmetric Cipher (DES, TDES, and AES), a larger Cryptographic Key length creates a stronger cipher, which means an intruder must spend more time and Resources to find the Cryptographic Key. For instance, a DES 64-bit strength represents a key space of 72,057,594,037,927,936 (2⁵⁶, 2’s power 56) possible combinations. While this number may seem impressive, it is definitely feasible for a microprocessor or a specially designed ASIC to perform the huge number of calculations necessary to derive the Cryptographic Key. Surprisingly an investment of only about US$10,000 investment in FPGA (Field Programmable Gate Arrays) will be able to recover a 64-bit key in several days. Further, a US$10,000,000 investment in ASIC will be able to recover a 64-bit key in a few seconds. A government agency that can afford investing US$100,000,000 or more will be able to recover a 64-bit key in a fraction of a second! Thus a 64-bit length symmetric cipher offers a bare minimum protection for your confidentiality and privacy. Fortunately, the “work factor” increases exponentially as we increase the key length. For example, an increase of one bit in length doubles the key space, so 2⁵⁷ represents key space of 144,115,188,075,855,872 possible combinations. A TDES 128-bit cipher offers extremely strong security (5,192,296,858,534,827,628,530,496,329,220,096 possible key combinations) that should resist known attacks for many years to come, considering the advance of semiconductor design and manufacturing. The new AES key length does not come with any parity bit. Therefore, unlike the TDES counterpart, an AES 128-bit has a real key length of 128-bit, meaning a key combination of 3.4028236692093846346337460743177e+38. An AES 256-bit key length will have a key combination of 1.1579208923731619542357098500869e+77.