Length for AES256 symmetric encryption passphrase?
bw at norbl.com
Fri Apr 4 20:35:20 CEST 2014
To be clear, I want to use gnupgp to do symmetric encryption using
AES256. As I understand it, the 'gpg -symmetric ...' command converts a
pass phrase into a key, a 32 byte key in the case of AES256. I /assume/
that this conversion is 'deterministic' since as far as I can tell, the
'gpg -symmetric ...' does not store the key it generates. Correct me if
I am trying to decide how long a pass phrase to use. I have not decided
how to generate the pass phrase. Assume that it is pseudo-randomly
chosen from the an english language character set.
On 4/4/14, 10:10 AM, Robert J. Hansen wrote:
>> Interesting math. However, I believe the OP mentioned they're
>> the password and storing so human readable, i.e. English, isn't an
>> What would be the recommended length for completely random characters
>> generated, for example, by a password manager such as keepassx?
> Your questions are not clear enough to be answered.
> "What would the recommended length for completely random characters
> generated, for example, by a password manager such as keepassx? If
> one were using the password as the symmetric key in libgcrypt? Or
> perhaps even just using openssl tools?"
> 1. Well, which password managers? Just because a character is
> completely random tells me nothing about how much entropy is contained
> in each symbol. "TTHTHHTTH" is a completely random sequence
> (generated it just now by flipping a fair coin), but it only has one
> bit of entropy per symbol. "fBTvC" is a completely non-random
> sequence, but it has a lot more entropy per symbol. Without knowing
> how a random password is generated I can't answer this.
> 2. Recommended for what purpose? 256 bits of entropy is wild
> overkill for almost all purposes. 128 bits of entropy is generally
> speaking plenty.
> 3. Which toolkit? libgcrypt and openssl are two completely different
> toolkits that work in completely different ways, and an answer
> appropriate for one might not be appropriate for the other.
> 4. What is it you really want to know? You already know: AES depends
> on having a 32-bit key which can support up to 256 bits of entropy.
> You've been told two good metrics for estimating entropy in a
> passphrase: 1.5 bits per glyph of English text, 5 bits per glyph of
> base-64ed random data.
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users