256-bit should be fine for a while yet, but in 10 more years it may also be breakable, if you have a 2 billion dollar budget.
256-bit is not two times stronger than 128-bit. The strength of encryption grows exponentially, not linearly. 256-bit with current computing technologies and more's law might be safe for more than 10 or probably 200 years. It might be safe till the end of time.
NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. "
So the TripleDES is finally broken? Or Blowfish, or SHA-1 hash function? What is complex encryption scheme? Some Rube-Goldberg encryption using data destruction and outdated ciphers or TrueCrypt? TrueCrypt is actually not so complex at all, in terms of usability and ease-of-use. This statement by incomptetent spokesperson makes no sense at all to me.
A far more likely use would be a fishnet over GSM-encrypted phone calls in realtime
GSM is no encryption at all, it is merely a obfuscation. NSA and any government agency can listen at will, they already have copies of GSM encryption keys and direct access to operator's infrastructure. Maybe using voice recognition and data mining all conversations nationwide is one of the purposes?
I'm drunk, so don't take me seriously.
In some countries being drunk while committing crime (such as telling it will be good if someone nuke arseholes in NSA) is going to ad additional years to sentence.
You just got every person in this thread on a domestic terrorist watchlist.
I'm located in Eastern Europe and I have veiled Arab man in my avatar, now I'm a foreign terrorist!
Nuke with dirty Iranian nuclear bomb the capitalist terrorists and abduct CIA president while sniffing train of anthrax letter cocaine and buy Rolex replica watches cheap! Sh*t, that smoke was a strong one!
Is it something similar to MDMA? I will visit Silk Road to find out more
Using larger key sizes won't really do any difference unless your password also has double the entropy. We're slowly reaching a point where humans are having trouble remembering pass phrases with sufficient entropy (we're not there yet though!)
The password in GPG is used to protect the private key in case if the file containing key is fallen in hands of enemy. It is not related to quality of the keypair. If enemy only have your public key, the quality of the password protecting your private key does not matter. Only the source of randomness is important, and computers are known to be poor at generating truly random data without hardware random number generator.
Where passwords are the weakest link, they must be strong and random. In 1 month average human can remember password containing 30+ ASCII characters.