Work Factor is defined as the amount of effort (usually measured in units of time) needed to break a cryptosystem.

The Work Factor of a cryptosystem is related to its key-length and the working mechanism used (encryption and decryption algorithms). For example, if the brute force attack method is used to break the system (trying all possible combinations of the key), then the work factor is directly proportional to the length of the key. For every addition of one bit to the key length, the time needed (work factor) is doubled.

The biggest threat to an encryption system is perhaps the ever-increasing speed of computers. Let’s consider a popular symmetric encryption—DES algorithm—as an example. According to Schneier, back in 1998 the amount of time required to break a DES 56-bit key Cryptosystem with a $220,000 device was 4.5 days1.

Moore’s law states that over time, technology increases such that computing devices double their speed every 18-months for the same amount of construction cost. With this being the case, we can now, in 2008, build a similar machine at the same cost of $220,000 that will break the same DES 56-bit key within 64 minutes!

For this very reason, DES was replaced with Triple DES and other advanced encryption algorithms, ending its widespread contribution to encryption applications since its invention by IBM in 1974. The algorithm was perfectly designed to withstand such a long period of practical application challenges, with its only shortcoming being the relatively short key-length: 56 bit.1 Schneier, B. (1998), A Hardware DES Cracker, Counterpane Systems, Available from: [Accessed 20 March 2008].