Encryption Key??? 1

[jitter]

What exactly does it mean by a 128 bit encryption key? I am messing around with twofish and am just wondering exactly what is good practice for generating the key.

Any input would be appreciated.

Thanks...

 

[bjverzal]

Just that - the key is 128 bits in length. 128 "0" or "1" characters. That equates to 16 bytes.

That means there are 3.4028236692093846346337460743177e+38 possible combinations.

Bill.

 

[chiph]

> just wondering exactly what is good practice for generating the key. <

You need a good source of random data. An easy (but not totally rigorous) method is to close your eyes, open a large phone book at random, and point. Write down the closest character to your fingertip and convert it to ASCII. Do this 16 times to get a 128-bit number.

What's bad about this method is that you're much more likely to get characters in the lowercase a..z range and 0..9 range than anything else. (chance of getting a &quot;{&quot; or &quot;~&quot; are very low). But it may be good enough for your purposes.

Another method would be to buy 5 decks of cards and number them 0..255 (you'll have 5 left over, plus any Jokers, etc.). You'd shuffle them, close your eyes, throw them all up in the air, and (keeping your eyes closed) pick up the first card you can feel. Like before, do this 16 times to get a 128-bit number. A little messy, but generates much better random numbers.

Chip H.