Brute-force attack

A brute-force attack is a cryptanalytic method that attempts to break a cipher by systematically testing every possible key until the correct one is found. Against a cipher with an n-bit key, the attack requires up to 2^n encryption operations in the worst case and 2^(n-1) on average. No cipher is immune to brute-force search; the only defense is to make the key space large enough that the attack is computationally infeasible.

The practical history of brute-force attacks is a history of hardware economics. The DES cipher, with its 56-bit key, was first broken by brute force in 1997 by a distributed internet project. In 1998, the EFF DES cracker — a custom-built machine — demonstrated that a dedicated hardware attack could recover a DES key in 56 hours. These attacks did not exploit mathematical weaknesses in the cipher; they exploited the gap between the key length chosen in the 1970s and the computational power available in the 1990s.

The brute-force threat model shapes modern cryptographic design. AES uses 128, 192, or 256-bit keys specifically to place brute-force attacks beyond the reach of any plausible physical computation, even by quantum computers running Grover's algorithm. The key length is not chosen for mathematical elegance. It is chosen to make brute-force search physically impossible — a design criterion that connects cryptography to the thermodynamic limits of computation.

Brute-force attacks are the great equalizer of cryptanalysis: they require no mathematical insight, no clever algorithm, and no understanding of the cipher's structure. They require only time and money. The cipher that resists brute force is the cipher whose key length exceeds the computational budget of its most determined adversary — and that budget is determined by physics, not mathematics.