Hey Robert,
thanks for quick reply!
Well, I knew that there is a limit somewhere, but you know, having a
passphrase longer than 1024 and not longer lets say than 2048 chars
should not be a limit on 2012, don't you think so ? :)
To answer to your question about why I need so long psw is simple, the
paranoia :)
By the way, you mentioned "105 characters and at least 158 bits of
entropy", how do you control entropy when generating password ? And is
it safe to use external entropy generator, say like rng tools ?
Thanks,
On 10/27/2012 8:03 AM, Robert J. Hansen wrote:
On 10/26/12 11:40 PM, j...@dodec.lt wrote:
I'm not sure why, but there is a password length limit on 1.x
version (even in the latest release), not sure why ?
There are always limits. If you're on a system with 4Gb RAM, good luck
putting in a passphrase longer than 4 billion characters. Admittedly,
1024 characters is much less than four billion, but the point gets made:
there's always a limit somewhere, and the existence of a limit doesn't
really mean very much. :)
I suppose my question is, why do you think you need such a long
passphrase? The passphrase is used to create a 128-bit symmetric key,
so giving a passphrase of more than 128 bits of entropy gives you
nothing. At a rather low estimate of 1.5 bits of entropy per glyph of
English text, that means you only really need 85 characters to get the
maximum entropy.
"To stand divided light at ev'n and poise their eyes, / Or nourish,
lik'ning spiritual, I have thou appear" -- to take two random lines of
random poetry -- is 105 characters and at least 158 bits of entropy.
Plenty enough for any purpose. :)
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
