passphrase for symmetric encryption // ?maximum length

Robert J. Hansen rjh at sixdemonbag.org
Wed Jan 24 03:25:39 CET 2007


vedaal at hush.com wrote:
> or is there an effective maximum, where longer passphrases make no 
> difference?

The effective maximum is when you reach 128 bits of Shannon entropy.
Using conversational English, that means about 80 characters of text.
(I'm using Shannon's estimate of 1.5 bits per English glyph.)  Other
languages will have different rates of entropy, and it's fairly easy to
use creative punctuation, misspellings, etc., to jack up the per-glyph
numbers.




More information about the Gnupg-users mailing list