On Oct 15, 2010, at 7:15 PM, James A. Donald wrote:
> On 2010-10-16 6:33 AM, Jon Callas wrote:
> > If you assume that there are Moore's-Law-Equivalent
> > increases in compute power indefinitely, then 128-bit
> > security is good until about 2050-2060, and 256-bit
> > security is good until 2150 or so. On the one hand, we know
> > that semiconductor improvements will peter out sometime.
> > Best guess now is that there's not much to be gained after
> > 2040 or so. So there's more to think that present things
> > are good enough.
>
> How come 2040? Line width has been halving every four years,
> transistor density doubling every two years.
>
> Current line width is about 32 nanometers.
>
> Minimum line width is the size of a molecule, several atoms -
> probably a nanometer.
>
> If the limit is a nanometer, Moore's law expires in 2030
>From where I sit, that's "or so."
If you really want to be cynical, the things you're discussing, combined with
dealing with heat flux and other issues give good merit to say that Moore's Law
starts petering out in 2005.
There are plenty of semiconductor folks who will say as much if you buy them a
beer and swear not to quote them.
Jon
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
