On Oct 20, 2008, at 10:15 PM, Morton D. Trace wrote:
Dear List readers!
http://www.gnupg.org/gph/en/manual/c14.html
GnuPG needs a pass phrase to protect the primary and
subordinate private keys that you keep in your possession.
You need a Pass phrase to protect your private key.
Enter passphrase:
There is no limit on the length of a passphrase,
===
is this true?
There is no limit in OpenPGP for a passphrase length, beyond that of
the inherent limit imposed by the hash used for string-to-key
conversion. So, for SHA-1, the passphrase can be up to 2^64-1 bits,
or just under 2 exabytes. In practice, however, that's an insane size
for a passphrase (around 457 million DVDs worth if my back of the
envelope scribble is right) and no OpenPGP implementation supports
anything near that. GnuPG in particular will take whatever you give
it, but it must be able to fit in memory (and secure memory to boot,
on those platforms that support it). You can probably get a few kb,
but not much more.
What to do if the pass phrase needs to be stronger than what can be
practically typed?
Rethink what you're trying to do.
David
_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
