Wargus wrote:
1) They assume a brute force attack.
2) They assume computers will not evolve to have the necessary efficiency.
3) They assume standard speed-of-light computing.
For the first, maybe a brute force attack is the only way to hack this (I'm no expert), however I suspect that if the algorithm is known somebody will work out how to hack it.
PGP releases the source code (complete for versions 2.6.2, 5.0, 5.5.3, 6.0.2, 6.5.1, 6.5.8, 8.x, 9.x, 10.x; and the PGPsdk 2.1.1 for the hotfixed PGP 7.1, which includes all the cryptographic functioning) of its PGP products so that others can freely examine it for backdoors or possible flaws (and anyone finding one would have instant fame in the cryptology community). That said, in terms of "breaking" a cryptographic cipher, a brute-force attack is the only relevant measure of demonstrating resistance to attack.
Wargus wrote:
As far as the second two items go, computers may not be limited to speed-of-light processing; they are already working on quantum entanglement and are looking towards quantum computers for cracking encryption.
I don't know - I'm by no means an expert. I do believe history is on my side in denouncing the unbreakable, unbeatable anything.
A quantum computer would certainly be a wonderful thing to have, yet the best efforts of even the cleverest boffins working for years have thus far yielded only a few laboratory novelties that are easily outperformed by any PC. It's debatable that a useful device, with sufficient qubits to use Shor's algorithm to break public-key cryptography schemes, will ever be built, much less in the next 5 years (e.g. the D-Wave "quantum computer" recently purchased by Lockheed Martin seems more snake oil than true quantum computer).
Theoretical quantum computers aside, the speed of a computer is limited by the speed of light; it takes a finite amount of time for a signal to travel the subatomic distance from the nucleus of a hydrogen atom (the smallest) to its electron.
Here's how Jon Callas, the CTO and co-founder of PGP Corporation, once put it:
Modern cryptographic systems are essentially unbreakable, particularly if an adversary is restricted to intercepts. We have argued for, designed, and built systems with 128 bits of security precisely because they are essentially unbreakable. It is very easy to underestimate the power of exponentials. 2^128 is a very big number. Burt Kaliski first came up with this characterization, and if he had a nickel for every time I tell it, he could buy a latte or three.
Imagine a computer that is the size of a grain of sand that can test keys against some encrypted data. Also imagine that it can test a key in the amount of time it takes light to cross it. Then consider a cluster of these computers, so many that if you covered the earth with them, they would cover the whole planet to the height of 1 meter. The cluster of computers would crack a 128-bit key on average in 1,000 years.
If you want to brute-force a key, it literally takes a planet-ful of computers. And of course, there are always 256-bit keys, if you worry about the possibility that government has a spare planet that they want to devote to key-cracking.
The point being, Bitcoin's implementation of PGP is about as close to "unbreakable" as unbreakable gets, cryptographically speaking.