a question for those who understand cryptography more than i do. in practical terms, how secure is a 128-bit encrypted file? specifically, using the xsalsa20 cipher rclone uses. searching around the web for breaking 128-bit private key encryption the answers are all over the spectrum, ranging from "a few weeks/months with a mining farm" to "not even if you were able to translate matter directly to compute by pitching the solar system piece by piece into a black hole". (if nothing else, props to the imagination there)
i'm not questioning integrity here, nor raising security concerns. i'm merely curious let's say somebody got a hold of 128-bit encrypted files and had all the time they wanted with them. how possible is it to break?
Assuming there is no weaknesses in the cipher (none significant have been discovered in xsalsa) then in order to find the decryption key you have to try all 2^128 (= 3 * 10^38) different keys.
Let's say you built a farm of a trillion computers (10^12) which can test 1 trillion keys per second (10^12). It is still going to take you about 7 million years to test all 2^128 keys!
So in practical terms you are never going to break a 128 bit key by brute force.
Is that the end of the road for the attacker? No. He could start attacking the password you used. That's why its important to use a password with lots of bits in. If the number of bits in your password is < 2^128 it is easier to attack your password.
Assuming you used a long random password, then the best way of getting your data is going to be infiltrating your computer somehow (think virus, phishing, hacking) or getting you to tell them the password (think legal threats, blackmail, torture).
(if nothing else, props to the imagination there)
let's say somebody got a hold of 128-bit encrypted files and had all the time they wanted with them. how possible is it to break?
thanks for dropping by