128 bit encryption how many character

It is an obvious but often overlooked fact that password is something to be remembered. Even a bad password that you remember is infinitely better than an excellent password that you have forgotten. Time changes everything, and a password, which seems impossible to forget now, may be completely forgotten after several years pass.

A chance to forget an old password is very real and this danger is no less serious than a possibility of a hacker attack. Don't use many passwords — one, at most two, would be enough. Prefer quality over quantity — choose a good long password and salt it with non-letter characters to make it resistant to dictionary attack. Use that password constantly and don't change it unless it is compromised. Regular usage is the only reliable way to remember a long complex password for years.

Another thing worth mentioning is that the slightest mistake makes the password invalid. A password is either right or wrong; there is nothing in-between. A tiny error like typing a dot instead of a comma is enough to make decryption impossible even if the rest of the password was entered correctly. There are several rather common recommendations that better be avoided. The reason is that those recommendations are intended for access passwords and are not suitable for encryption passwords.

Access passwords are used to log into, or to get access to some resource. The system compares the entered password with a stored copy of the right password, and either grants or refuses access. A lost access password can be easily recovered; forgetting it is usually nothing more than a minor inconvenience. Encryption passwords are different. Software does not keep a copy of an encryption password, and if the password is lost, there is no way to recover it.

If the software has no backdoor and quality encryption software like Kryptel, of course, has none , then a lost password means that your data is lost without any hope of recovery. Access and encryption passwords are of very different nature and should be treated differently. Encryption passwords are to be chosen carefully, they are usually being used for years, and they are too valuable to risk losing them. Speaking in general, it is not a bad advice, but digits are hard to remember.

An easy-to-remember sequence, like your spouse's birth date, would hardly add much security because it is easy to guess. However, if you have a digit sequence that you are unlikely to forget, and at the same time a hacker can't guess it, then use it. Otherwise it might be safer to avoid digits.

The persons, who give this advice, usually conveniently skip over the recommendation how to memorize such a password. Salt is random per encryption key. Random means random. If you are insufficiently random when you use a cryptography algorithm which assumes unpredictable material, you are vulnerable. Get a better hardware RNG if you're worried. Yes, if you salted the key, someone needs the salt to decrypt things you encrypted using the salted key's hashed value.

No, sending the salt does not necessarily compromise your data; send the salt only to someone who has proved they already have the password, but it's stored in your database next to the ciphertext. As mentioned above, someone needs both the salt and the ciphertext to mount an attack. Again, the purpose of the salt is not to raise the strength of the encryption, it is only to prevent precomputation attacks against your hashes. There are methods of key extension. In the real world, what is usually done is hashing the password along with a salt to produce unpredictable longer keying material.

Borealid Borealid Steven Sudit: I think I edited this before you commented; "you encrypted using the salted key" means "encrypted using a portion of the hashed value of the salted key". I'll clarify again. It's still misleading. Salt is for hashing, not encryption or decryption.

Short of brute force, there is no way to recover a password from the hash and salt. Steven Sudit Steven Sudit See: stackoverflow. And: stackoverflow. The size of the has is independent of the size of the password and the salt. For example, SHA-1 always produces a bit hash.

Hashing is not encryption because you can't except for rainbow table attacks on short strings recover the original. Unless I misunderstand, the OP is asking about generating encryption keys from passphrases, not about hashing and storing passwords. Show 12 more comments. So basically on this is what happens. On registration: User sends password to server. Server adds a random salt to the password and then hashes it.

The salt and final hash are stored in separate tables. On login: User sends password to server. Server fetches stored hash, and adds it to the password.

Server hashes the password and salt. If the final hash matches the one in database, the user is logged in. They're for protection against rainbow tables, only. As a follow-up, consider that an attack doesn't need the salt or the password to log in, just the hash. Guess it's one of those cases where Wikipedia is wrong.

Why would just the hash be sufficient? The server isn't going to accept just the hash to log in, it will want a password which it can then hash. Wikipedia is wrong a lot. In answer to your question, consider this scheme: A web server receives a plaintext password over HTTPS and looks up the user's salt.

It combines them and generates a hash. The genuine weakness of AES -- and any symmetric system -- is that the sender has to get the key to the receiver. If that key is intercepted, transmissions become an open book. That's where asymmetric algorithms come in. Moorcones explains that asymmetric systems are also called public-key cryptography because they use a public key for encryption -- but they use a different, private key for decryption.

It is based on the difficulty of factoring large numbers, from which the two keys are derived. Besides creating longer RSA keys, users are also turning to elliptic curve EC algorithms, based on the math used to describe curves, with security again increasing with the size of the key.

However, EC encryption up to bits has been broken, Kocher notes. RSA remains popular with developers because implementation requires only multiplication routines, leading to simpler programming and higher throughput, Kocher says.

Also, all the applicable patents have expired. For its part, EC is better when there are bandwidth or memory constraints, he adds. But this tidy world of cryptography may be seriously disrupted by the arrival of quantum computers. Mosca notes that in the past 15 years, we have moved from playing with quantum bits to building quantum logic gates.

At that rate, he thinks it's likely we will have a quantum computer within 20 years. Basically, Mosca explains, a quantum computer should be able to use the properties of quantum mechanics to probe for patterns within a huge number without having to examine every digit in that number.

Mosca explains that with a conventional computer, finding a pattern for an EC cipher with N number of bits in the key would take a number of steps equal to 2 raised to one-half N. As an example, for bits a modest number , it would take 1. With a quantum computer, it should take about 50 steps, he says, which means code-breaking would then be no more computationally demanding than the original encryption process.

With RSA, determining the number of steps needed for a solution through conventional computation is more complicated than with EC encryption, but the scale of the reduction with quantum computation should be similar, Mosca says. The situation is less dire with symmetric encryption, Mosca explains.