key security

Mike Touloumtzis
Thu Apr 11 18:53:02 2002

On Tue, Apr 09, 2002 at 06:14:23PM -0700, miket wrote:
> Assuming GPG's hash is sound: If a passphrase consists of _truly_ random
> characters from, say, a set of 64 printable characters such as the ones
> used for Base64 encoding, then each character contributes log_2(64) ==
> 6 bits to the entropy of the passphrase.  So a 22-character passphrase
> using this approach represents 132 bits of entropy; thus at this point
> the passphrase is not the weak link in a 128 bit cryptosystem.  You can
> generate passphrases like this very easily: just base64 encode chunks
> of /dev/random:
> $ head -c 22 /dev/random | uuencode -m -

To correct an error: this should be "head -c 16" (as another poster
suggested as well) for 128 bits of passphrase randomness.  We want to
measure the randomness by what comes out of /dev/random, not what comes
out of uuencode.