> I think SSH is safe enough with its encryption.( Of course everything can > eventually be cracked ) I know it's not the same algorithm, but I want to point out that, while yes, technically you're statement is accurate, realistically it isn't... If you had started at the dawn of time with a brute force crack of 128 bit AES encryption, you'd still not even be 20% done. :) >From the FAQ found at NIST's website: How secure is AES? What is the chance that someone could use the "DES Cracker"-like hardware to crack an AES key? In the late 1990s, specialized "DES Cracker" machines were built that could recover a DES key after a few hours. In other words, by trying possible key values, the hardware could determine which key was used to encrypt a message. Assuming that one could build a machine that could recover a DES key in a second (i.e., try 2^55 keys per second), then it would take that machine approximately 149 thousand-billion (149 trillion) years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old. Approximately how big are the AES key sizes? The AES will specify three key sizes: 128, 192 and 256 bits. In decimal terms, this means that there are approximately: 3.4 x 10^38 possible 128-bit keys; 6.2 x 10^57 possible 192-bit keys; and 1.1 x 10^77 possible 256-bit keys. In comparison, DES keys are 56 bits long, which means there are approximately 7.2 x 10^16 possible DES keys. Thus, there are on the order of 10^21 times more AES 128-bit keys than DES 56-bit keys. http://www.nist.gov/public_affairs/releases/aesq&a.htm
