On Sun, Jul 08, 2001 at 06:44:43PM +0200, peter k. wrote: [...] > all this mess with crypto is making me go nuts, first internal crypto patch > doesnt work so i have to use loop AES, then it says "at least 20 bytes > passwords" but i dont know in what format they should be and how i should > create them Well, I, for one, would love to know if there is any intention on fixing the problems in the kerneli stuff. I'm also now avoiding it and playing with the loop AES package for that reason. > i still invite anyone to tell me if a 30 byte a-z and 0-9 password created > using my brain as a random character generator is enough for AES128 or what > i should use for creating the damn thing and how long it has to be Well, a-z and 0-9 gives you 36 characters. That's slightly over 5 bits, if, and only if, it's truely random (which is highly questionable). That would give you 150 bits which exceeds the 128 bit hash in AES128. So on a purely numeric basis, if you are willing to trust your selection process (which you appear to be willing to do) I would have to say that your passphrase appears to have more entropy than the actual hash key and would be stronger to a brute force attack. No one can tell you if this is "enough" because now one can tell if using YOUR brain as a random number generator is sufficient (MINE certainly is NOT) and we don't know what your criterion of "enough" is. "Enough" for what? I can only state assumptions (assuming that it's truely random) and compare strengths in the crypto. Those have the conditions defined. Your question of "enough" does not have the conditions truely defined for a definitive answer. At best, using your brain as a random number generator can only approach a true random number generator. Which then begs the question "Why don't you just use a true random number generator?" Why not write a perl script or something to read from /dev/random and generate random numbers? If there is something objectionable to doing than and preferential to using your brain, I can guarantee that you have just proven that using your brain is NOT a random number generator (by the very nature of that preference). > Linux-crypto: cryptography in and on the Linux system > Archive: http://mail.nl.linux.org/linux-crypto/ Mike -- Michael H. Warfield | (770) 985-6132 | mhw@xxxxxxxxxxxx (The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/