Length for AES256 symmetric encryption passphrase?

Robert J. Hansen rjh at sixdemonbag.org
Fri Apr 4 08:04:14 CEST 2014


> This is a rather naive question, but I haven't found an answer to it. When
> doing symmetric encryption with AES256, is there any reason to have a
> passphrase that exceeds 32 characters (since that's the length of the
> AES key)?

Yes.

English has about 1.5 bits of entropy per symbol.  A 32-character
passphrase could thus be any of about a trillion different things.
That's a 1 followed by 12 zeroes.

A 256-bit keyspace is so huge English can't describe it.  It's a 1
followed by 77 zeroes.  The difference between the two is sort of like
comparing a lit match to Supernova 1987A.  The difference is on that
level of mind-boggling vastness.

Using plain English for the passphrase, a 170-character passphrase is
necessary to provide a full 256 bits of entropy.
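
An added example, not part of the original message: a sketch of the iterated and salted string-to-key function from RFC 4880 (section 3.7.1.3), the OpenPGP mechanism that turns a passphrase into a symmetric key, showing that characters beyond the 32nd still change the derived 256-bit key. SHA-256 as the S2K hash, the salt, the count octet 0x60 and the sample passphrases are assumptions constructed for the demonstration.

```python
import hashlib

ENGLISH_BITS_PER_CHAR = 1.5  # estimate quoted in the reply above


def estimated_entropy_bits(passphrase, bits_per_char=ENGLISH_BITS_PER_CHAR):
    """Rough entropy of an English passphrase: length times bits per symbol."""
    return len(passphrase) * bits_per_char


def s2k_iterated_salted(passphrase, salt, coded_count=0x60, key_len=32):
    """RFC 4880 iterated+salted S2K with SHA-256 (hash choice is an assumption)."""
    if len(salt) != 8:
        raise ValueError("OpenPGP S2K salt is 8 octets")
    # Decode the one-octet count into the number of octets to hash.
    count = (16 + (coded_count & 15)) << ((coded_count >> 4) + 6)
    unit = salt + passphrase.encode("utf-8")
    count = max(count, len(unit))  # salt+passphrase is always hashed at least once
    key = b""
    preload = 0  # extra hash contexts are preloaded with 0x00 octets
    while len(key) < key_len:
        h = hashlib.sha256(b"\x00" * preload)
        full, rest = divmod(count, len(unit))
        for _ in range(full):
            h.update(unit)
        h.update(unit[:rest])
        key += h.digest()
        preload += 1
    return key[:key_len]


# Constructed sample input: two passphrases that agree on their first 32 characters.
SALT = bytes(range(8))
PASS_A = "the quick brown fox jumps over the lazy dog"
PASS_B = PASS_A[:32] + "wo sleeping cats"

if __name__ == "__main__":
    for p in (PASS_A[:32], PASS_A, PASS_B):
        key = s2k_iterated_salted(p, SALT)
        print(f"{len(p):3d} chars  ~{estimated_entropy_bits(p):5.1f} bits  key={key.hex()}")
```

The whole passphrase is hashed down to the key, so the key length places no cap on how much of the passphrase is used.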


