-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Folkert van Heusden wrote: >>>IIRC 200/s on a 2.8GHz P4 >>>I discussed improving nasty with an unnamed gpg-expert and he thought it >>>should be feasable to do at least a million per second. But as nasty is >>>a proof of concept I can't get myself motivated to improve it. >> >>The password hashing is supposed to make it *difficult* to crack >>passphrases, because of the computational cost! >>Don't find a fast way to break them and force us all to use 200 >>character passphrases! > > > Apart from the fact that this is (more or less) security by obscurity > even if my program would be a million times faster, 7 characters still > would take a day. >
How long will 8 characters (standard unix password length) take to break at present? - -- Alphax | /"\ Encrypted Email Preferred | \ / ASCII Ribbon Campaign OpenPGP key ID: 0xF874C613 | X Against HTML email & vCards http://tinyurl.com/cc9up | / \ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFC+dSe/RxM5Ph0xhMRA8UbAJ9Mc/S+V9FSn+aVfdbU2TRaGB9OYQCeM8WU dMACe2kEZ484i00ziCHoAvI= =gxGm -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
