Originally Posted by
QUERY
Shortcut attacks target some aspect of the encryption algorithm to recover the key or plaintext in less time than a brute-force attack would take on the same algorithm. The NSA has resources to employ both. Since they would have the pax's laptop, they would have possession of the encrypted data and possibly some plaintext with which to deduce some or all of the cipher text.
Makes no difference.
http://www.schneier.com/blog/archive...tack_on_a.html
We also expect that a careful analysis may reduce the complexities. As a preliminary result, we think that the complexity of the attack on AES-256 can be lowered from 2^119 to about 2^110.5 data and time.
Let's focus on time. Let's lower that to 2^110 for simplicity. Let's say with the plaintext the NSA can attempt one decryption operation in one nanosecond (one billionth of a second). Then to find the key takes:
2^110 / ( 10^9 * 3600 * 24 * 365.25 *10^15) = 41 quadrillion years.
Now let's say the NSA has spent $10 trillion to buy enough computers to build a massively parallel key cracker. Let's say each cracker costs just $10. So the NSA has one trillion computers to crack keys. So instead of
41 quadrillion years, the NSA takes a mere 41 thousand years.
And I've been extremely generous in my over estimation of the resources the NSA has. I suspect that it takes at least a microsecond, not a nanosecond, to try to decrypt some ciphertext and compare to the known plaintext. I suspect the NSA has spend closer to $100B on its key cracking hardware. And I suspect a key cracker node is closer to $100. So the number is likely closer to 41,000 * 1000 * 100 * 10, or 41 billion years to crack a key.
As I said, good luck with that.