On 2011-12-27 23:14, ved...@nym.hush.com wrote: > Is there a maximum size for a passphrase for symmetric encryption > in gnupg, or does a passphrase exceeding a certain size not add any > further security to the process? > > Example, > The session key for AES 256 is 64 hexadecimal characters. > > The approximate equivalent in brute force work is 20 diceware > words. > [ 7776^19 < 2^256 < 7776^20 ]. > > A string of 15 diceware words is often more than 64 characters.
I can't tell for gpg specifically but it's not so much about "characters". It's about entropy. Natural language is redundant, and diceware uses words from natural language. Let's say we all adopted the convention to write every character twice, to recover from errors in transmission. Is ttrraannssmmiissssiioonn any more secure than transmission, given that an attacker knows you're doubling every letter? No, because it doesn't have more entropy. So don't measure characters, your upper bound is entropy, so 20 diceware words apparently contain 256 bits of entropy (based on your numbers). That means any more than 20 words isn't going to add for the case of AES-256. Like I said, this is not gpg-specific. For all I know, gpg might cut off after the 64th character and drop entropy from your passphrase. But that sounds unlikely. Wikipedia is great for further reading. -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA -- nameserver 217.79.186.148 nameserver 178.63.26.172 http://opennicproject.org/ -- No situation is so dire that panic cannot make it worse.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
