[Cryptography] Recommendations for short AES passphrases

grarpamp grarpamp at gmail.com
Sat Sep 17 04:58:41 EDT 2016


If you've gone from b36 to b58, you might as well go full b94.
At 8 chars that gets you around 50 bits instead of around 30
bits. The jump from b36 to b58 doesn't provide much anyway.
The benefit of b94 is that bumping it to a 'relatively short and
easy to share' length of 20 chars puts you just past 128 bits.
"Easy to share" is not the same as "easy to memorize";
that tradeoff is yours to make. There's no substitute for bits.

Others here will certainly chime in with ways to trade out
real bits for CPU and RAM. It would be nice to have a link
to a site with a table of various KDFs that estimates the
number of bits they provide in trade, given today's known
and projected CPU/GPU/ASIC and RAM/storage capabilities.

And obviously you know choosing any dictionary or 31337
lettering scheme is far too narrow in bits, especially for
anything that is not costly to brute, or worth protecting.

No idea what you're trying to provide.
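
Added example, not part of the original post: a sketch that computes bits per alphabet size and length, finds the shortest length that reaches a target, and draws a passphrase with a CSPRNG. The concrete alphabets (the post names only the sizes), all function names, and the log2(iterations) stretching estimate are assumptions made for illustration.

```python
import math
import secrets
import string

# Assumed alphabets: the post gives only the sizes b36, b58 and b94.
ALPHABETS = {
    "b36": string.digits + string.ascii_lowercase,
    # Bitcoin-style base58 (no 0, O, I, l), chosen here as an assumption.
    "b58": "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz",
    # Printable ASCII without the space character.
    "b94": "".join(chr(c) for c in range(0x21, 0x7F)),
}

def entropy_bits(alphabet_size, length):
    """Bits in a string whose symbols are chosen uniformly at random."""
    return length * math.log2(alphabet_size)

def min_length(alphabet_size, target_bits):
    """Shortest length whose entropy is at least target_bits."""
    return math.ceil(target_bits / math.log2(alphabet_size))

def generate(alphabet, target_bits):
    """Draw a passphrase from the OS CSPRNG; the bit count only holds
    because every symbol is picked uniformly and independently."""
    length = min_length(len(alphabet), target_bits)
    return "".join(secrets.choice(alphabet) for _ in range(length))

def stretch_bits(iterations):
    """Rough estimate (assumption): a KDF costing `iterations` units of
    work per guess multiplies attacker cost by that factor, i.e. adds
    log2(iterations) bits. Ignores GPU/ASIC speedups and memory hardness."""
    return math.log2(iterations)

def report(target_bits=128, short_len=8):
    """Rows of (name, bits at short_len, chars needed for target_bits)."""
    rows = []
    for name, alphabet in ALPHABETS.items():
        size = len(alphabet)
        rows.append((name,
                     round(entropy_bits(size, short_len), 1),
                     min_length(size, target_bits)))
    return rows

if __name__ == "__main__":
    for name, bits_at_8, chars_for_128 in report():
        print(f"{name}: 8 chars = {bits_at_8} bits, "
              f"128 bits needs {chars_for_128} chars")
    print("sample b94 passphrase:", generate(ALPHABETS["b94"], 128))
```
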

