Comparing a 112 bit apple with a 2048 bit orange

I am grateful to marketers who boast that their crypto products' key lengths are 2048 bit as opposed to a mere 112 bit, for it is too rare that one has an opportunity to use the word incommensurable.

Different encryption algorithms may have different key lengths, and the strength of a cryptosystem may be entirely unrelated to the length of its key. Yes, size doesn't matter. A one million bit key provides little security if the encryption algorithm is the simple addition of the key with the data.
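The million-bit case above, as an added example that is not part of the original post. It assumes "addition" means bitwise addition modulo 2 (XOR) and that the same key is reused for two messages; the function names and sample messages are constructed for illustration.

```python
import secrets

KEY_BITS = 1_000_000  # the "one million bit key" from the paragraph above

# Constructed sample messages. Assumption: both are sent under the same key.
MSG1 = b"Quarterly report: revenue flat, costs up 3 percent."
MSG2 = b"Wire 40,000 to account 0000-EXAMPLE by Friday."


def add_key(data: bytes, key: bytes) -> bytes:
    """The 'simple addition' cipher: add key to data bit by bit, modulo 2.

    Addition modulo 2 is XOR, so the same function encrypts and decrypts.
    """
    if len(data) > len(key):
        raise ValueError("message longer than key")
    return bytes(d ^ k for d, k in zip(data, key))


def recover_key_prefix(known_plaintext: bytes, ciphertext: bytes) -> bytes:
    """Subtract a known plaintext from its ciphertext to get the key bytes used.

    Subtraction modulo 2 is XOR again: (p + k) - p = k.
    """
    return bytes(p ^ c for p, c in zip(known_plaintext, ciphertext))


def demo() -> bytes:
    key = secrets.token_bytes(KEY_BITS // 8)  # 125,000 random bytes
    ct1 = add_key(MSG1, key)
    ct2 = add_key(MSG2, key)

    # Someone who sees ct1 and ct2 and learns MSG1 never searches the
    # 2**1000000 key space: one subtraction yields the key bytes in use.
    leaked = recover_key_prefix(MSG1, ct1)
    assert leaked == key[: len(MSG1)]

    # MSG2 is no longer than MSG1, so the leaked prefix decrypts all of it.
    return add_key(ct2, leaked)


if __name__ == "__main__":
    print(demo().decode())
```

The work needed to read the second message is one pass over the ciphertext, independent of the key's length.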

3DES uses 112 bit keys. AES may use 256 bit keys. RSA should use 2048 or 4096 bit keys. An analysis of the relative strengths of these algorithms considers much more than their key lengths. Alice is 6 feet tall, and Bob weighs 200 pounds – which is bigger? For different algorithms, the meaning of the key changes, and the key is used in entirely different ways. For RSA, the secret key is an exponent, as in x to the power of y in regular arithmetic. For DES, the key is rotated, substituted, and permuted, and perhaps can be viewed more as a pattern than as a number with a value.

For a particular algorithm, it is meaningful to compare key lengths. For RSA, 4096 bit is stronger than 512 bit. For AES, 256 bit is stronger than 128 bit. For an apples with apples comparison, bigger is invariably better, but for apples with pomegranates, different algorithms' keys are not "bigger" but are "other".