Length for AES256 symmetric encryption passphrase?

Barnet Wagman bw at norbl.com
Fri Apr 4 20:35:20 CEST 2014


To be clear, I want to use gnupg to do symmetric encryption using 
AES256.  As I understand it, the 'gpg --symmetric ...' command converts a 
pass phrase into a key, a 32 byte key in the case of AES256.  I /assume/ 
that this conversion is 'deterministic' since as far as I can tell, the 
'gpg --symmetric ...' does not store the key it generates. Correct me if 
I'm wrong.

I am trying to decide how long a pass phrase to use.  I have not decided 
how to generate the pass phrase.  Assume that it is pseudo-randomly 
chosen from an English language character set.

On 4/4/14, 10:10 AM, Robert J. Hansen wrote:
>> Interesting math.  However, I believe the OP mentioned they're 
>> generating
>> the password and storing so human readable, i.e. English, isn't an 
>> issue.
>> What would be the recommended length for completely random characters
>> generated, for example, by a password manager such as keepassx?
>
> Your questions are not clear enough to be answered.
>
> "What would be the recommended length for completely random characters 
> generated, for example, by a password manager such as keepassx?  If 
> one were using the password as the symmetric key in libgcrypt?  Or 
> perhaps even just using openssl tools?"
>
> 1.  Well, which password managers?  Just because a character is 
> completely random tells me nothing about how much entropy is contained 
> in each symbol.  "TTHTHHTTH" is a completely random sequence 
> (generated it just now by flipping a fair coin), but it only has one 
> bit of entropy per symbol.  "fBTvC" is a completely non-random 
> sequence, but it has a lot more entropy per symbol. Without knowing 
> how a random password is generated I can't answer this.
>
> 2.  Recommended for what purpose?  256 bits of entropy is wild 
> overkill for almost all purposes.  128 bits of entropy is generally 
> speaking plenty.
>
> 3.  Which toolkit?  libgcrypt and openssl are two completely different 
> toolkits that work in completely different ways, and an answer 
> appropriate for one might not be appropriate for the other.
>
> 4.  What is it you really want to know?  You already know: AES depends 
> on having a 32-bit key which can support up to 256 bits of entropy.  
> You've been told two good metrics for estimating entropy in a 
> passphrase: 1.5 bits per glyph of English text, 5 bits per glyph of 
> base-64ed random data.
>
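
The passphrase-to-key step asked about above, as an added example that is not part of the original post and not GnuPG's own code: the iterated and salted S2K from RFC 4880, section 3.7.1.3, which yields the same key for the same passphrase, salt and count (the salt and count are carried in the encrypted message, so the key need not be stored), plus the passphrase length needed for a target entropy. The SHA-256 choice, passphrase, salt, coded count and alphabet sizes are constructed assumptions.

```python
import hashlib
import math

def decode_count(c: int) -> int:
    """Expand the one-octet coded count (RFC 4880, section 3.7.1.3)."""
    return (16 + (c & 15)) << ((c >> 4) + 6)

def s2k_iterated_salted(passphrase: bytes, salt: bytes, coded_count: int,
                        key_len: int = 32, hash_name: str = "sha256") -> bytes:
    """Derive key_len octets; 32 octets is the AES256 key size."""
    if len(salt) != 8:
        raise ValueError("an OpenPGP S2K salt is exactly 8 octets")
    data = salt + passphrase
    # The count is the number of octets hashed, never less than one full copy.
    count = max(decode_count(coded_count), len(data))
    full, rest = divmod(count, len(data))
    key, context = b"", 0
    while len(key) < key_len:
        h = hashlib.new(hash_name)
        h.update(b"\x00" * context)  # context n is preloaded with n zero octets
        for _ in range(full):
            h.update(data)
        h.update(data[:rest])
        key += h.digest()
        context += 1
    return key[:key_len]

def symbols_needed(target_bits: int, alphabet_size: int) -> int:
    """Symbols drawn uniformly and independently needed for target_bits of entropy."""
    return math.ceil(target_bits / math.log2(alphabet_size))

if __name__ == "__main__":
    passphrase = b"constructed sample passphrase"   # constructed
    salt = bytes.fromhex("0102030405060708")        # constructed
    coded = 96                                      # constructed; 65536 octets
    k1 = s2k_iterated_salted(passphrase, salt, coded)
    k2 = s2k_iterated_salted(passphrase, salt, coded)
    k3 = s2k_iterated_salted(passphrase, bytes(8), coded)
    print("same salt, same key:", k1 == k2, "| new salt, same key:", k1 == k3)
    for size in (26, 95):   # assumed alphabets: lowercase letters, printable ASCII
        print(size, "symbols:", symbols_needed(128, size), "for 128 bits,",
              symbols_needed(256, size), "for 256 bits")
```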
