Re: Safe password?
- From: Unruh <unruh-spam@xxxxxxxxxxxxxx>
- Date: 26 Dec 2005 06:01:46 GMT
Mxsmanic <mxsmanic@xxxxxxxxx> writes:
>paul_wary@xxxxxxxxx writes:
>> I use an encryption program that uses AES-256 as its encryption
>> algorithm but only allows passwords with a maximum length of 16
>> characters. Is it possible to create a safe password with only 16
>> characters for this encryption type?
>You can create passwords that might be sufficiently secure for some
>applications, but you cannot exploit the full security of the
>algorithm's keyspace, because no 16-character password will provide a
>key of 256 bits. Even if you use every bit of every character, that
>still comes out to only 128 bits; and in practice there are some
>characters you can't use, so the actual effective key length is far
>less than the algorithm allows (only 105 bits if you limit your
>password to printable characters).
105 bits would be fine. That is not going to get broken by exhaustive
search. However most human chosen passwords are more like 20-30 bits.
>--
>Transpose mxsmanic and gmail to reach me by e-mail.
.
- Follow-Ups:
- Re: Safe password?
- From: Juuso Hukkanen
- Re: Safe password?
- References:
- Safe password?
- From: paul_wary
- Re: Safe password?
- From: Mxsmanic
- Safe password?
- Prev by Date: Re: What's wrong with this RC4?
- Next by Date: SHA Question
- Previous by thread: Re: Safe password?
- Next by thread: Re: Safe password?
- Index(es):
Relevant Pages
|
|
