Passphrase entropy (was Re: Symmetric encryption)

vedaal at vedaal at
Tue Oct 26 23:53:09 CEST 2004

>Message: 6
>Date: Tue, 26 Oct 2004 14:51:21 -0500
>From: "Ryan Malayter" <rmalayter at>
>Subject: RE: Passphrase entropy (was Re: Symmetric encryption)
>To: <gnupg-users at>
>Message-ID: <792DE28E91F6EA42B4663AE761C41C2A03164A74 at>
>Content-Type: text/plain;	charset="us-ascii"


>So we need 19.5 characters to get 128 bits of entropy in our pass
>phrase. Since you can't enter half-characters, you really need a
>character pass phrase.
>Any non-randomness you add to the process (using real words, using
>first letters of each word from a sentence, for example) severely
>decreases the amount of entropy per character. English prose has
>1.5 bits of entropy per character, which means you'd need an
>86-character pass phrase of English text to get 128 bits of entropy.
>That's a lot to remember.


a 10 word diceware passphrase (40 -50 characters)has about the same security
as a 128 bit symmetrical cipher,

and a 20 word diceware passphrase (80 -100 characters),
would correspond to a 256 bit cipher

there are 7776 words in the diceware (english) list

(btw, AGR will gladly post links on his page to anyone who wants to provide
non-english equivalent diceware lists)

estimate this as 8000, or (2^3)(10^3)

and as 2^10 (1024) approx. = (10^3),
so, further approximate this as (2^13),

(2^128) approx. = 2^(13 x 10)
(2^256) approx. = 2^(13 x 20) 

the diceware passphrases are random, and not difficult to remember,
(but may be difficult to type accurately from the commandline,
when you can't see what you're typing and where you're holding ;-) )


Concerned about your privacy? Follow this link to get
secure FREE email:

Free, ultra-private instant messaging with Hush Messenger

Promote security and make money with the Hushmail Affiliate Program:

More information about the Gnupg-users mailing list