[OT] passphrases Was: Re: Allowing paste into pinentry-gtk-2?

Robert J. Hansen rjh at sixdemonbag.org
Tue Apr 19 15:54:24 CEST 2011

> There's still a big difference between trying to brute-force a
> cryptographically-strong 64-bit key, and applying dictionary attacks
> against against an English-based passphrase.

If there exists a difference, I'm unaware of it.

> If I recall correctly,
> none of the attacks you mentioned attacked the passphrase protecting a
> secret key (which is what we're talking about); rather, they were
> attempts to recover plaintext in the *absence* of the secret key by
> trying all possible decryption keys within the keyspace.

And that's exactly what we want to do when we break a passphrase: recover the plaintext of the (encrypted) private-key material by trying all possible decryption keys within the keyspace of the symmetric key which encrypts it.  The passphrase generates the session key.

> In short, I believe the context is different, and that passphrase
> attacks against the secret key are vulnerable in a way that attacks on
> ciphertext are not.

I emphatically disagree.

More information about the Gnupg-users mailing list