On Tue, Jan 26, 2016 at 4:14 PM, Allan Odgaard <[email protected]> wrote:
> On 26 Jan 2016, at 20:29, Dashamir Hoxha wrote:
>
>> Maybe you are right about this. I have just read somewhere that symmetric
>> encryption is stronger than asymmetric encryption, but maybe it assumes
>> that the keys are of the same size.
>
> Yes, that would be the case. It should be fairly safe to use a 12 byte
> passphrase (96 bit key) with a modern symmetric encryption scheme, but no
> public/private key system will be safe with such a short key length.
>
> But as Lenz pointed out, the key length would generally be 4096 bits,
> which is impractical for a symmetric encryption key (since the user has to
> type it out each time).
>
> Furthermore, even with a 12 byte passphrase, it’s user generated, so it’s
> unlikely to be truly random, which decreases the search space (often
> significantly).
>
> So in practice, I think asymmetric encryption is the better/stronger
> choice.

I agree, but the passphrase that protects the private key is still a user generated one.

> For the same reason, many servers do not allow password login but require
> key exchange authentication because (user generated) passwords are weak.

Maybe this is a different issue (maybe there are other reasons as well).
_______________________________________________
Password-Store mailing list
[email protected]
http://lists.zx2c4.com/mailman/listinfo/password-store
