Length for AES256 symmetric encryption passphrase?
Robert J. Hansen
rjh at sixdemonbag.org
Fri Apr 4 08:04:14 CEST 2014
> This a rather naive question, but I haven't found and answer to it. When
> doing symmetric encryption with AES256, is there any reason to have a
> passphrase that exceeds 32 characters (since that's the length of the
> AES key)?
Yes.
English has about 1.5 bits of entropy per symbol. A 32-character
passphrase could thus be any of about a trillion different things.
That's a 1 followed by 12 zeroes.
A 256-bit keyspace is so huge English can't describe it. It's a 1
followed by 77 zeroes. The difference between the two is sort of like
comparing a lit match to Supernova 1987A. The difference is on that
level of mind-boggling vastness.
Using plain English for the passphrase, a 170-character passphrase is
necessary to provide a full 256 bits of entropy.
More information about the Gnupg-users
mailing list