Symmetric encryption
Per Tunedal Casual
pt at radvis.nu
Tue Oct 26 13:24:26 CEST 2004
At 07:58 2004-10-26, you wrote:
>On Mon, 25 Oct 2004, Per Tunedal Casual wrote:
>
>> I thought once more about this :-) It's hard enough to put up a
>> passphrase that matches an 128 bit-key. The hash, if any, doesn't
>> matter, because it can hardly decrease the strength of the passphrase,.
>>
>> Thus any cipher with a key longer than 128-bits is overkill when you
>> encrypt symmetrically. Right?
>===================
>
>i have several passphrases that are 20+ characters. 22 characters of
>uppercase, lowercase, numbers and spaces is *stronger* than 128 bit.
>
>that's not counting the full range of characters that can be used...
>assuming that 95 characters are generally suitable (read: safe) for use in
>passphrases, it only takes a theoretical 19.5 characters to equal 128 bits
>and 39 characters to hit 256 bits. such passphrases may not be suitable
>for all applications, but they're not entirely ridiculous. IMHO it's
>posible to come up with passwords that are that long, easy to remember and
>strong.
>
>AFAIK, the session key used for symmetric encryption is derived from the
>user supplied passphrase, then salted and iterated (this may have changed
>recently). if symmetric and asymmetric encryption is used then the session
>key is derived in the usual random way.
>
>
>- --
> ...atom
>
In that case it's important to know how the session key for symmetric
encryption is derived from the passphrase. If hashing with SHA-1 i used
that will set the limit to 160 bits.
In that case AES192 would be appropriate - only 32 bits wasted :-). AES256
or TWOFISH would be ridiculous, wouldn't it?
Per Tunedal
More information about the Gnupg-users
mailing list