I'm guessing that when a cyber criminal is caught they add all retrieved private keys to the police's keychain. Even a symmetrically signed key (passworded) can be brute forced or the arrested can be court compelled to decrypt the key.
I don't understand, perhaps I'm misunderstanding the situation.
GP is saying that if the [private] key is password protected, it can be brute forced. Surely if a human is able to type in the password to the private key, you can bute force that password relatively easily?
With cooperation, yes, without it, no. A password doesn't need to be too long to grow the key space to large enough all the computers in the world couldn't scratch the surface.
Of course, there are many other factors that can significantly decrease or break the security of AES.
