Length of passphrase beneficial?
Adam Shostack
adam at homeport.org
Sun Jul 21 14:53:17 PDT 1996
Erle Greer wrote:
| f4VnI1G1mGcwTZ1vGoyPwN4NLojF8Ee9ff1aicOGn87x0nwwHhJUo6XSYKEawRne
| (Yes, cut-n-paste, but my only in-house threat is my wife.)
|
| Actual Question:
| Does the length and randomness of a passphrase contribute at all
| to the overall security of a cryptosystem?
Not directly. The SECRECY of a passphrase does contribute.
If you do not provide it to your attacker (in the form of a file on
your computer which a Microsoft Worm macro carried in a message might
send out, that the search party might find, etc), then the length and
difficulty of guessing protect you.
For random text (I'll assume you're rolling dice) like that,
figure you get about 5 bits of entropy per character. Your PGP secret
key is IDEA encrypted with a 128 bit key, so you don't need any more
than 30 characters of random text to get a passphrase space (or
universe, to use Tim's metaphor) thats harder to search than the
keyspace.
I think its a poor assumption that your home won't be searched
if you're doing something that makes you want a 2048 bit key. A
thousand bits of keylength should be good enough for most things that
don't need to stay secret more than 5-10 years.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
More information about the cypherpunks-legacy
mailing list