secring and dropbox

vedaal
Wed Jul 20 16:38:55 CEST 2011

Kara (karadenizi) wrote on
Wed Jul 20 02:18:16 CEST 2011:

>> Is it a bad idea to place your secring in dropbox?

>Using a decent password generator and specifying a mix of upper
>lower case letters, digits, and special characters, how many total
>characters -- as a minimum -- would you recommend such a password

>Any particular password generator program you would recommend?


A simple alternative would be to create a truecrypt container, 
allowing truecrypt to generate its own keyfile.

Store the keyfile in a secure, retrievable place (not in the 
and you can leave the password blank.

To answer your question:

assuming that at some point, the 'cloud' will have resources to 
brute force passphrases that might be considered safe 'now', but 
still not enough to brute force a 2^256 or even a 2^128 symmetrical 


symmetrically encrypt any file using either AES, Twofish, or 
and then decrypt it with the gnupg option of '--show-session-key'.

Gnupg will display a random 64 character string.
Use the entire string as your passphrase, 
(or half of it, if you feel comfortable that the combined sources 
of the cloud will not be able to brute-force a 128 bit keyspace in 
your lifetime ;-)  )

If you find such a string difficult to remember, then consider 

(afaik, there is no computerized dice generator that will produce 
acceptably random results, so you'll need 5 dice.)

The Diceware keyspace is 7776
(6 possibilities for a die throw, 5 throws, 6^5 = 7776). 

[ 7776^10 ~= 8.08 x 10^38 ] > [ 2^128 ~= 3.40 x 10^38 ]

[ 7776^20 ~= 6.53 x 10^77 ] > [ 2^256 ~= 1.58 x 10^77 ]

A 10 word Diceware passphrase should be more than enough.

More information about the Gnupg-users mailing list
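
The keyspace comparison in the message above, extended into a small calculator. This is an added example, not part of the original post. It uses exact integer arithmetic to find how many symbols each scheme needs to reach a 2^128 or 2^256 keyspace. The 94-symbol printable-ASCII set is an assumption standing in for the "upper/lower case, digits, special characters" mix in the quoted question, and the figures hold only when every symbol is chosen uniformly at random.

```python
# Added example: keyspace comparison for the passphrase schemes in the thread.
import math


def min_length(alphabet_size: int, target_bits: int) -> int:
    """Smallest n with alphabet_size**n >= 2**target_bits (exact integers)."""
    target = 1 << target_bits
    n, space = 0, 1
    while space < target:
        space *= alphabet_size
        n += 1
    return n


def bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of `length` symbols drawn uniformly and independently."""
    return length * math.log2(alphabet_size)


# Symbol sets discussed in the thread. The 94-symbol set (printable ASCII
# without the space character) is an assumption, not a value from the post.
SCHEMES = {
    "hex digit (session key string)": 16,
    "printable ASCII character": 94,
    "Diceware word (6^5 = 7776)": 6 ** 5,
}


def table(targets=(128, 256)):
    """Return (scheme, target_bits, symbols_needed, bits_achieved) rows."""
    rows = []
    for name, size in SCHEMES.items():
        for t in targets:
            n = min_length(size, t)
            rows.append((name, t, n, round(bits(size, n), 1)))
    return rows


if __name__ == "__main__":
    for name, t, n, b in table():
        print(f"{name:32s} >= 2^{t}: {n:2d} symbols ({b} bits)")
```

One word fewer falls short in both Diceware cases: 9 words give about 116 bits and 19 words about 246 bits.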