Quote from: bitfool on August 16, 2013, 04:26 amA year is 60x60x24x365 seconds. We can use 2^25 to represent a year (that's actually ~388 days in seconds)Assume machine W does something like a million tries per second, that is 2^20.So machine W can try 2^25 x 2^20 --> 2^45 keys per year.If the keyspace is 2^60 then it would take 2^(60-45) --> 2^15 --> 32768 years to find a key.Did I get the math right?Pretty much. It is a general rule of thumb that keys are usually found via searching approaximatley half of the keyspace. That said, 2^60, however is not a very large keyspace. Even in the mid-90s it was recommended that keys be used that would provide at least 90 bits of entropy, versus 60 in your scenario. You have to realize that brute-forcing is the absolute LAST option that anyone will use, because it is so often a waste of time. The authorities will almost never use brute-force as a option, unless all other methods have failed first. The basic problem boils down to this: people are lazy; people will all too often, not use proper methods because they are "too hard to remember". The authorities know this, and indeed, count on it. People choose passphrases that are meaningful to them, which makes them more predictable (i.e less random). If you want a good system, try Diceware: http://www.diceware.com/ Diceware uses a specialized dictionary, the entries for which are paired with dice rolls. The dice rolls are a truly random physical process, thus it is impossible to predict which words were chosen, much less in what order. 10 Diceware words will yield a passphrase with 129 bits of entropy -- even given the fact that keys are usually found in only searching half the keyspace, that means that a potential attacker would have to go through 128-bits of the keyspace to potentially find what they're looking for. Nightcrawler4096R/BBF7433B 2012-09-22 Nightcrawler PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB8F1D88EBBF7433B (MIT clearnet keyserver)PGP Key: https://keys.indymedia.org/pks/lookup?op=get&search=0xB8F1D88EBBF7433B (IndyMedia https: clearnet keyserver)PGP Key: http://qtt2yl5jocgrk7nu.onion/pks/lookup?op=get&search=0xB8F1D88EBBF7433B (IndyMedia .onion keyserver)PGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090 (Silk Road Forums PGP Key Link)PGP Key Fingerprint = 83F8 CAF8 7B73 C3C7 8D07 B66B AFC8 CE71 D9AF D2F0