Re: IDEA/Strength?
From: IN%"stewarts@ix.netcom.com" "Bill Stewart" 22-FEB-1997 03:05:51.28
At 04:21 PM 2/21/97 -0500, Alec wrote:
Is the strength, or lack thereof, of conventional PGP encryption proportional to the length of the conventional password?
Sure, up to 128 bits of entropy. Go check out pgpcrack.
Another way to put it is that the length places a _maximum_ on the entropy; no more than 7 bits (unless PGP's interface can deal with control/etcetera keys) minus a fractional bit (for characters like delete) per character. Of course, simply expanding a passphrase of "a" to "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" won't do you much good... but most non-pathological passphrases will expand in entropy as they expand in length. (There is the consideration, however, that a lengthy passphrase may need to be in alphabetical characters, as opposed to alphanumeric, due to human memory limitations. If you didn't/don't have that, then even a completely random over-19-character long passphrase (enough to be more than 128 effective bits going in) could be of assistance; greater length makes it more likely that someone observing you will miss enough of the passphrase to make a search impractical.) -Allen
At 05:57 AM 2/22/97 -0800, Toto wrote:
Is the strength, or lack thereof, of conventional PGP encryption proportional to the length of the conventional password? ... Are you saying that the strength of encryption provided by PGP is dependent upon the password one uses?
PGP _conventional_ encryption - the straight IDEA stuff, not the public-key stuff. pgp -c just uses a hash of a passphrase as its encryption key, rather than generating a high-quality 128-bit key and encrypting it with a public key. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.)
participants (2)
-
Bill Stewart -
E. Allen Smith