[cryptography] Current state of brute-forcing random keys?

James A. Donald jamesd at echeque.com
Thu Jun 9 20:36:24 EDT 2011


On 2011-06-10 3:14 AM, Paul Hoffman wrote:
> Greetings again. I am helping someone design a system that will involve giving someone a randomly-generated key that they have to type in order to unlock data that is private but not terribly valuable. Thus, we want to keep the key as short as practical to reduce typing and mis-typing, but long enough to prevent trivial brute-force attacks. The encryption will be AES-128 in CBC mode.

If it is acceptable to have a trusted server, you would be better off 
with a zero knowledge password protocol.

In this case, the server can launch a brute force attack against the 
password, but no one else can.


