[Discuss] KeePassX
Kent Borg
kentborg at borg.org
Tue Aug 13 08:45:00 EDT 2013
On 07/24/2013 10:32 AM, Kent Borg wrote:
> I don't know current estimations, but I would use the following
> guidelines for an encryption key:
>
> 32-bits of entropy: stops a naive individual with a day-job
> 80-bits of entropy: stops a small organization
> 100-bits of entropy: stops a big organization
> 128-bits of entropy: stops the NSA
> 256-bits of entropy: paranoid's goal

Reading a New York Times story on Snowden contacting the filmmaker
Laura Poitras, Snowden is quoted as advising a strong passphrase:
"Assume your adversary is capable of a trillion guesses a second."

Interesting. So they can brute-force an entire 32-bit space in a fraction
of a second and a 64-bit space in a bit over a half a year. But an
80-bit space can't be completely traversed in 38,000 years. Even if the
NSA is really really angry and the president says to get the
bastard...just 80-bits is pretty dang good.

I guess I left some room for error in the above.

-kb

P.S. Again, estimating entropy by looking at a passphrase is a doomed
exercise. The only way to know the entropy of a passphrase is to know
how it was generated and count how many random decisions were made driving
that process.
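
The traversal times and the P.S. above, worked as an added example (not part of the original message): entropy is computed from the generation process by counting its random decisions, then converted to time at a trillion guesses a second. The word list and all function names are constructed for illustration.

```python
import math
import secrets

GUESSES_PER_SECOND = 10**12           # the rate quoted in the message
SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Constructed 16-word list so the block runs offline; a real list would be far larger.
SAMPLE_WORDS = ["anchor", "birch", "cobalt", "dune", "ember", "fjord", "garnet", "heron",
                "iris", "juniper", "kelp", "lotus", "mesa", "nickel", "opal", "pike"]

def process_entropy_bits(option_counts):
    """Entropy of a generation process: each entry is the number of equally
    likely outcomes of one independent random decision."""
    if any(n < 1 for n in option_counts):
        raise ValueError("every decision needs at least one option")
    return sum(math.log2(n) for n in option_counts)

def years_to_exhaust(bits, rate=GUESSES_PER_SECOND):
    """Years to try every value in a 2**bits space at `rate` guesses per second."""
    return 2**bits / rate / SECONDS_PER_YEAR

def words_needed(target_bits, list_size):
    """Smallest number of uniformly chosen words that reaches target_bits."""
    if list_size < 2:
        raise ValueError("list must offer a real choice")
    return math.ceil(target_bits / math.log2(list_size))

def generate_passphrase(words, count):
    """Pick `count` words with the OS CSPRNG; return (passphrase, entropy bits).
    Duplicates are removed first, since they would make the count overstate entropy."""
    unique = sorted(set(words))
    chosen = [secrets.choice(unique) for _ in range(count)]
    return " ".join(chosen), process_entropy_bits([len(unique)] * count)

if __name__ == "__main__":
    for bits in (32, 64, 80):
        print(f"{bits}-bit space: {years_to_exhaust(bits):.3g} years")
    phrase, bits = generate_passphrase(SAMPLE_WORDS, words_needed(80, len(SAMPLE_WORDS)))
    print(f"{phrase!r}: {bits:.0f} bits from the process, not from its appearance")
```

The entropy figure is only valid when every decision is made uniformly at random; a phrase a person picked by hand has no decision count to plug in.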