maximum passphrase for symmetric encryption ?

vedaal at vedaal at
Tue Dec 27 23:14:09 CET 2011

Is there a maximum size for a passphrase for symmetric encryption 
in gnupg, or does a passphrase exceeding a certain size not add any 
further security to the process?

The session key for AES 256 is 64 hexadecimal characters.

The approximate equivalent in brute force work is 20 diceware 
[ 7776^19 < 2^256 < 7776^20 ].

 A string of 15 diceware words is often more than 64 characters.

Does increasing the passphrase string to more than 64 characters 
add any security?

Truecrypt full disk encryption insists on a maximum of 64 
characters for the passphrase.

(This is even more relevant in my case, where I routinely use 3DES 
;-)  )

(am not familiar enough with the primitives of symmetric encryption 
in how a string to key symmetric encryption works.)



More information about the Gnupg-users mailing list