...brute force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space".

---Bruce Schneier in
Applied Cryptography

As we all know, it has proven to be very foolish to make predictions about system's security (see also my wu "Never assume your system is undefeatable"). But the fact is that here, within his statement, Bruce Schneier is implying that there is some kind of an inherent property of matter, something like a law of nature that makes brute force attacks against 256-bit keys infeasible, and not something about the technology of the devices we use nowadays or the ones that we will be using after 350 years.

One may find clever and sly ways to brute-force keys. Some known ways include the Chinese Lottery which, though never actually practiced, would perfectly work: The Chinese government instructs all Chinese factories which produce TVs to integrate a brute-force, million-test-per-second cracking chip in every TV. When the Chinese government wants to break a key, they would broadcast it through airwaves to all TV sets and the numbers say that after about 20 hours, the key would have been recovered (with very moderate assumptions about the percentage of people which own a TV).

But whatever one may come up with, there are some things that seem to be very unlikely to change. Such are the laws of thermodynamics and especially the second one. One of the implications of the second law of thermodynamics is that information requires energy in order to be represented. So, if we have a system (a "computer" in our language) and we want it to record the value of a single 'bit', we need energy at least kT, where 'k' is the Boltzman constant (k = 1.38*10-23 Joule/oK) and 'T' is the system temperature in Kelvin. This is calculated using the equation which connects the energy with the temperature of a system (E = kT). Supposing that our ideal computer would work at the average temperature of the universe (3.2 oK) (so that it does not require cooling), the required energy to record a bit would be around 4.416*10-23 Joule.

Now, to make things clear, let's play a bit (pun intended ;-) with numbers. The annual amount of energy that our sun radiates is about 1.21*1034 Joule. Dividing with the per bit-change energy, we calculate that using the whole energy of our sun for a year, we could provide power for our ideal computer to perform 2.74*1056 bit changes. This is enough to have a 187-bit counter go through all its states. Just think... having an ideal computer, working at the freezing temperature of 3.2 Kelvin, using all the energy of our sun for a year... and all that for just having a 187-bit counter go through its states, let alone for making the intense computations that each of these states requires to test the key...

Even sucking all the energy from a supernova would be just enough to pass through all states of a 219-bit counter... So, it is clear that a 256-bit key (which, just to be represented while we brute-force it on our ideal computer, would require the energy that 400.000.000.000.000.000.000 suns like our sun radiate in a year...) seems errrr... kinda difficult to brute-force...

And the amazing thing that we must keep in mind, is that all of the above calculations are completely independent with contemporary and future technology advances... As long as computers are made of matter, 256-bit keys will be secure against brute-force. Except of course... if we break the second law of thermodynamics :-). But even then, who would give a damn if 256-bit keys were rendered insecure, when we would have defeated the most persistent law of nature?

Clues taken from:
Applied Cryptography 2nd edition, Bruce Schneier
The Universal Constants, Gilles Cohen-Tannoudji