[OT] passphrases Was: Re: Allowing paste into pinentry-gtk-2?

Johan Wevers johanw at vulcan.xs4all.nl
Mon Apr 18 00:42:16 CEST 2011


On 17-04-2011 21:32, Robert J. Hansen wrote:

>> I thought that was the main reason for using a hash of the
>> password/phrase as symmetric key, to usilize the whole keyspace.
> 
> English has about two bits of entropy per glyph, so a ten-character English passphrase will have about twenty bits of entropy regardless of what algorithm you use to hash it.  You can't make an insecure passphrase suddenly 256 bits of entropy strong by using SHA-256.  :)

No, but it would prevent that a 100 char keyspace would still not
utilize the whole keyspace because all characters are 7 bit.

-- 
Met vriendelijke groet,

Johan Wevers




More information about the Gnupg-users mailing list