How secure is GnuPG

Daniel Carrera
Tue Jul 23 23:00:01 2002

> Yes, but most people don't have passphrases that are that long.
> Something you should remember is that statistically, in English, each
> letter has about 1.3 bits of entropy. Therefore, you need a 98/99
> character passphrase.

I'm confused.  Perhaps I have severely misjudged the security of my

This is how I calculated it:

Suppose that my passphrase has only lowercase alphabetic characters and
has n characters.  Since there are 26 letters, the number of possible
permutations is 26^n.  Thus, if I want security at least as good as a 128
bit key, I require n such that:

26^n >= 2^128

That gives n >= 28.

If you use mixed case letters and numbers you need:

62^n >= 2^128

Which gives n >= 22

A passphrase with 28 letters is not impossible to remember.  You could,
for instance, come up with a paragraph with more than 28 words and take
the first letter of each word.  That's not quite random, but pretty good.
Add a few unusual characters here and there, some random capitalization
and you'll be good.

Since I know how to type, 28 characters aren't too bad.

Have I made a mistake somewhere here?