I don't find it useful to worry about possible new general cryptanalytic breakthroughs: it is basically impossible to defend against them. In the face of an attacker who has infinite secret cryptanalytic ability (within the bounds of what can be done brute-force wise) only an OTP would be useful, but we are talking long-term archival here.. I don't see how an OTP helps us. If we have a secure vault to lock the pads up in until either a) the heat death of the universe, or b) the Big Crunch then we may as well just put the plaintext in there and be done with it. As I see it, OTP are only workable in communications, and then obviously in a limited manner.
Are we talking long-term archival? I'm more concerned about someone grabbing communications in transit, storing them and throwing chips and mathematicians at it. If the government comes with the search warrant, then I should have already deleted the file if I didn't want it available. If someone wants to face security guards or a gun by my bedside they can steal the archive. It's the same rules as always. (except the theif must also have the math and chips). In the case of archive you have the protection of physical security and in most cases the knowledge of when it has been breached -- It's a lot friendlier than in communications where who knows what is going on between the sender and recipient. OTP is a pain, and is not effective for archival -- but it is the only way I've seen to protect communications in excess of ~30 years. Bryan Waters http://www.ultimateprivacy.com Director of Marketing Voice: 512-305-0505 Fax: 512-305-0506 Ultimate Privacy Corporation 3925 W Braker Ln #305, Austin, TX, 78759