Encryption Key Length Security Estimator
Evaluate the security strength of encryption keys based on algorithm type, key length, and estimated attack resources. Compares symmetric and asymmetric key strengths using NIST-recommended equivalence tables.
Formulas Used
Symmetric (AES, etc.): Security bits = Key length. Brute-force requires 2n operations.
RSA / DH / DSA (GNFS):
Security bits = log2(exp(1.923 × (ln N)1/3 × (ln ln N)2/3))
where N is the modulus value (≈ 2key_length). Based on the General Number Field Sieve algorithm complexity.
ECC / ECDSA (Pollard's ρ):
Security bits = key_length / 2. The best known attack (Pollard's rho) requires ~2n/2 operations for an n-bit curve.
Moore's Law Adjustment:
Adjusted bits = Security bits − (0.5 × years ahead). Computing power doubles every ~2 years, reducing effective security by ~0.5 bits/year.
Time to Break:
T = 2security_bits / attacker_ops_per_second
Assumptions & References
- Symmetric key security assumes ideal cipher with no structural weaknesses (e.g., AES has no known shortcut attacks).
- RSA/DH complexity uses the General Number Field Sieve (GNFS), the best known classical algorithm for integer factorization and discrete logarithm.
- ECC security uses Pollard's rho algorithm complexity of O(2n/2) for n-bit curves over prime fields.
- Moore's Law adjustment: computing power doubles every ~2 years (0.5 bits/year degradation). This is a conservative estimate; quantum computing is not modeled here.
- NIST equivalent key sizes from NIST SP 800-57 Part 1 Rev 5 (2020), Table 2.
- Attacker operation rates are estimates; real-world performance varies by hardware, algorithm implementation, and parallelism.
- Quantum computers running Shor's algorithm would reduce RSA/ECC security to effectively 0; symmetric keys would require doubling (Grover's algorithm halves symmetric security bits).
- References: NIST SP 800-57, ECRYPT-CSA D5.4 (2018), Lenstra & Verheul key size recommendations.