key security

Leigh S. Jones
Wed Apr 10 03:28:01 2002

GPG and PGP essentially use the same scheme.  A 128 bit symmetric-key
algorithm does the basic encoding, while perhaps a 2048 bit public key
encrypts the randomly generated 128 bit session key for transmission
the target, who uses his 2048 bit secret key to decode the session

So your password, if truly random, needs to be 128 bits.

That's why the "head -c 16 /dev/random | mimencode" suggestion
appeared here.  16 bytes times 8 bits per byte equals128 bits.  If you
get truly random numbers from your /dev/random (generally available
on linux) then you will get 128 bits of randomness in the mime output
from the output -- no more, no less.  Might seem pretty slick to use
that to generate a password -- if you can memorize it.  Honestly,
a quality 128 bit symmetric key algorithm should do a great job.
My calculator says:

3.04E+38 trys to check all combinations.

But don't tell everyone how to best attack your password.

----- Original Message -----
From: "Trevor Smith" <>
To: <>
Sent: Tuesday, April 09, 2002 5:25 PM
Subject: Re: key security

> On Tue, 9 Apr 2002 17:00:08 -0700, Leigh S. Jones wrote:
> >There's no sense in attempting password security that
> >exceeds the basic security of the underlying encryption
> >system.  For the most secure applications it should take
> >an attacker just a little bit less effort to break GPG's
> >underlying symmetric-key cryptography than to break your
> >own password by guessing.
> This is contrary to what I believed. It was my understanding that
> breaking symmetric-key crypto systems like the one in OpenPGP
> implementations was monumentally difficult (i.e. requiring hundreds
> of millions of dollars or more of computer hardware). It was also my
> understanding that the weakest link in the system was the passphrase
> protecting the encrypted private key. I believed that using brute
> force one could break a passphrase relatively easily (i.e. much less
> than hundreds of millions of dollars of equipment would be needed).
> Which is correct? Is any passphrase, even one 100 - 200 characters
> long consisting of completely random characters, even as remotely
> difficult to break as it is to break a GPG coded message?
> --
>  Trevor Smith    |
> _______________________________________________
> Gnupg-users mailing list