On Mon, Apr 18, 2011 at 3:56 PM, Robert J. Hansen <r...@sixdemonbag.org> wrote: > To give you an example, RC5-64 was a giant distributed network of computers > run by hobbyists using spare CPU cycles, trying to brute-force a 64-bit key.
There's still a big difference between trying to brute-force a cryptographically-strong 64-bit key, and applying dictionary attacks against against an English-based passphrase. If I recall correctly, none of the attacks you mentioned attacked the passphrase protecting a secret key (which is what we're talking about); rather, they were attempts to recover plaintext in the *absence* of the secret key by trying all possible decryption keys within the keyspace. In short, I believe the context is different, and that passphrase attacks against the secret key are vulnerable in a way that attacks on ciphertext are not. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users