> I thought that was the main reason for using a hash of the > password/phrase as symmetric key, to usilize the whole keyspace.
English has about two bits of entropy per glyph, so a ten-character English passphrase will have about twenty bits of entropy regardless of what algorithm you use to hash it. You can't make an insecure passphrase suddenly 256 bits of entropy strong by using SHA-256. :) _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
