Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] KeePassX



On 07/24/2013 10:32 AM, Kent Borg wrote:
> I don't know current estimations, but I would use the following 
> guidelines for an encryption key:
>
>   32-bits of entropy:          stops a naive individual with a day-job
>   80-bits of entropy:          stops a small organization
>   100-bits of entropy:        stops a big organization
>   128-bits of entropy:        stops the NSA
>   256-bits of entropy:        paranoid's goal

Reading a New York Times story on Snowden contacting the film maker 
Laura Poitras, Snowden is quoted as advising a strong passphrase: 
"Assume your adversary is capable of a trillion guesses a second."

Interesting.  So they can brute-force an entire 32-space in a fraction 
of a second and a 64-bit space in a bit over a half a year.  But an 
80-bit space can't be completely traversed in 38,000 years.  Even if the 
NSA is really really angry and the president says to get the 
bastard...just 80-bits is pretty dang good.

I guess I left some room for error in the above.

-kb

P.S. Again, estimating entropy by looking at a passphrase is a doomed 
exercise.  The only way to know the entropy of a passphrase is to know 
how it was generated and count many random decisions were made driving 
that process.




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org