GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)

Faramir faramir.cl at gmail.com
Sat Nov 28 17:32:09 CET 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

David Shaw escribió:
> On Nov 28, 2009, at 9:42 AM, Ciprian Dorin, Craciun wrote:
...
>>    Also, how many bits of security should my password have in order
>> to withstand an attack from a small / medium enterprise? (Government
>> is out of the question as they could get access to my infrastructure
>> by force...)
> 
> Difficult question to answer, since everyone is going to wave around
> their opinion. :)
> 
> I'd suggest starting with the various calculators on
> http://www.keylength.com/

  Now the interesting question would be, how to calculate the real bit
length of a passphrasse? I googled, and found this message, from this list:
http://lists.gnupg.org/pipermail/gnupg-users/2008-October/034842.html

  Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJLEVCJAAoJEMV4f6PvczxAYLIH/2kwGMDiBa7UNs83MyyzdeFs
0DnKyEpoK4HSsvvVZhpEqBUOLuxep6qtn2uhnFlXCw7tC3e+iGTfyudPK9dhLi0J
9aIkvYMSjzTCiiywiRAMHha6Z0dei5ffIsVupjeUnuzwiEXCDliUR5MODiQc4fP6
uGJcU0Z/e/IkFlFfFKAACySvLHJcoNzllBMEnfXudqfJpeOsUoGq/T6P2zZfjGrZ
ly0gwKVfEowB7fi5QXYwYL6Dfi+FmctNRbzxL0ED2Pq1q1N+fzg4VnxGX6dqtLgX
EtBsg2z3jvLZE6nSD65kxkSmxu9fWSS8UIlWu21YzgFtSYWQTl1w/5gJaNTwt7o=
=CL86
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list