Entropy in ascii-armored output?

Atom Smasher atom at smasher.org
Sat Jul 30 07:44:41 CEST 2005

check out <http://diceware.com/>.

something like:
 	$ head -4 /dev/urandom | gpg --enarmor
will produce much better "random" output than encrypted output. encrypted 
output can be filled with  information that is not at all random, such as 
partial body length headers.

of course, base64 is limited to little more than half of the characters 
that you could be using on an english keyboard... let's say that there are 
100 printable characters available on an english keyboard. (according to 
my math) a 10 character password using only base64 characters can contain 
up to 60 bits of entropy, but allowing 100 possible characters it can 
contain almost 66.5 bits of entropy. using 20 characters, it's 120 bits 
for base64 and almost 133 bits otherwise.

personally, i find diceware ~type~ passphrases easier to remember than 


  PGP key - http://atom.smasher.org/pgp.txt
  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808

 	"We have a saying in our company.
 	 Our competitors are our friends.
 	 Our customers are the enemy."
 		-- James Randall,
 		Archer Daniels Midland Corporation,
 		("ADM, Supermarket to the world")
 		quoted in Fortune magazine 4/26/99

More information about the Gnupg-users mailing list