Password vs data entropy

Jack Lloyd lloyd at
Fri Oct 26 10:12:12 EDT 2007

On Thu, Oct 25, 2007 at 09:16:21PM -0700, Alex Pankratov wrote:
> Assuming the password is an English word or a phrase, and the 
> secret is truly random, does it mean that the password needs 
> to be 3100+ characters in size in order to provide a "proper"
> degree of protection to the value ? 

If E(key) >= E(text), why not use a one time pad?

> Or, rephrasing, what should the entropy of the password be 
> compared to the entropy of the value being protected (under
> whatever keying/encryption scheme) ? 

Entropy != economic value


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list