In 5 years you will have had to move an object at least once and can re-encrypt at that time using the now faster CPU. Additionally in 10 years, how likely is it the data you are encrypting today is going to be very poignant?
Speed is key to adoption. -- Justin Speed is On Tue, Mar 9, 2010 at 1:43 PM, Chris Palmer <[email protected]> wrote: > I sent this to Zooko privately, regarding his "100-year cryptography" blog > post: > > > http://testgrid.allmydata.org:3567/uri/URI:DIR2-RO:j74uhg25nwdpjpacl6rkat2yhm:kav7ijeft5h7r7rxdp5bgtlt3viv32yabqajkrdykozia5544jqa/wiki.html#[[can%20we%20build%20a%20crypto%20system%20to%20last%20for%20a%20hundred%20years%3F]] > > He asked if I would like to have the dialog in public, so here goes! > > > ----- Forwarded message from Chris Palmer <[email protected]> ----- > > From: Chris Palmer <[email protected]> > To: [email protected] > Date: Sat, 6 Mar 2010 16:53:36 -0800 > Subject: 100-year cryptography > > Although SHA-512 is two orders of magnitude slower/more power-hungry on ARM > than SHA-256, that is *now*. In 5 or 10 years, we are likely to have faster > machines, machines with larger word sizes (even small/low-power machines), > and/or better power supplies/batteries. In 5 or 10 years, we will be glad > we > used unnecessarily strong functions 5 or 10 years ago. For long-lived data > at rest, skimping on security for performance is just a bad trade --- even > though, yes, I fully agree that the performance concerns are real and > critical. > > I feel certain that K = 128 is good, and pretty sure that SHA-512's K will > be gnawed down to 128 or lower in the medium-term. > > By then, of course, we will have migrated to SHA-3, which will be faster > and > maybe even safer. If only we had SHA-3 now... > > > ----- End forwarded message ----- > _______________________________________________ > tahoe-dev mailing list > [email protected] > http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev >
_______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
