Long-term Security Vulnerabilities of Encrypted Data

Large amounts of digital data continuously move across the Internet, much of it traveling under a wide variety of encryption and security protections. Such schemes are intended to secure this data against information theft as it traverses the various nodes along the path to its intended destination. While such methods, when properly utilized, may be considered secure in the short-term, many widely employed encryption schemes may not meet consumer expectations over longer periods of time. Historically, such protection schemes tend toward failure; they are broken over time. Given a specific security protocol, increases in computing power and availability, along with advances in hacking methods, tend to produce reduced levels of information content protection. In the long term, even encryption methods considered highly secure today are likely to be far less secure in the future. Therefore, we highlight a little-noted vulnerability that exists for certain classes of information that require longer-term security. Encrypted information, captured and stored today, may be decrypted at some point in the future as more powerful computers and more sophisticated methods become available. This paper provides a first description and analysis of this gap in data security practices. A practical method for auditing and addressing data security vulnerabilities of this type is presented, along with a brief demonstration of its use.