Even with all the new encryption technology, vulnerabilities still exist. Encryption keys once thought to be safe, like MD5, SHA-1 and SHA-256, were eventually cracked. How long will the current 3DES or AES 256-bit encryption keys last?

"With any encryption algorithm, at some point there will be enough number-crunching capacity to work through it," says W. Curtis Preston, vice president of data protection at GlassHouse Technologies.

Using the fastest computers on the planet, how long would it take to crunch these numbers and come up with the code? "With 40-bit encryption, the answer is a couple of weeks," Preston says. Some people believe that 256-bit keys like 3DES will become obsolete within five to 10 years. "But right now, it's fine," he says. "AES 256 goes an order of magnitude beyond that.

"As long as you're using something at or beyond 256-bit encryption," Preston adds, "you're fine."

Sidebar