Join Log in
Score:2
netbeansnewbie avatar Crypto

Number of characters in 64-bit and 128-bit password

ne flag
netbeansnewbie

I have a simple question but I can't seem to find the answer of.

I know that

  • A 128-bit hash contains 32 characters since each represents a hexadecimal.
  • Similarly, a 64-bit hash would contain 16 characters.

  1. However, if I had a 64-bit and 128-bit string consisting of letters (both uppercase and lowercase) and numbers (0-9), how many characters would it occupy?

  2. Similarly, if I had a 64-bit and 128-bit string consisting of alphabets, numbers, and special symbols, how many characters would it occupy?

1285
3 + 3
DannyNiu avatar
vu flag
DannyNiu
If you're recently tasked with a password authentication component, or anything related to security, I recommend [OWASP Cheetsheet](https://cheatsheetseries.owasp.org/) as a must-read. These info are the most practical and straightforward from all products of OWASP. Also, you need to gear-up your security-related knowledge to make informed decisions.
0
Reply
fgrieu avatar
ng flag
fgrieu
The second paragraph uses _"contains"_ to mean _encodes_ or _is encoded by_, and uses _"since"_ where there should be _assuming_. I guess that in the next two paragraphs, _"consisting of"_ should not be taken literally, because then the answer would depend on the unstated encoding used for the characters. My guess is these _"consisting of"_ should be read either _that encodes_ or _that is encoded by_. But we have no way to tell which, and that changes the answer (by one extra for the later reading), if we understand _"how many"_ as implying an integer answer, as customary.
0
Reply
Paul Uszak avatar
cn flag
Paul Uszak
Shall I be the one to up vote the question since it has garnered three long answers?
0
Reply
Score:0
DannyNiu avatar Crypto
vu flag
DannyNiu

I know that a 128-bit hash contains 32 characters since each ...

Hash digest can be represented as text in hexadecimal or base64 and also as binary data (bit-string or byte-string).

However, if I had a 64-bit and 128-bit string consisting of letters(both uppercase and lowercase) and numbers (0-9), how many characters would it occupy?

Similarly ...

The crucial thing here is that you've already set the premise that your string is a fixed-length bitstring, so any later addition such as alphabet, digits, special characters don't fit into that picture.

Instead, we can devise and follow some kind of rules to generate character strings. The character set can be small or large, and the size may not necessarily be a power of 2. We then can calculate the entropy of the string generated from that rule.

There are posts at crypto.se and computer science site that discuss matters related to calculating the entropy of information source and I will not be overly verbose in this post.

+ 0
Score:0
fgrieu avatar Crypto
ng flag
fgrieu

$b$ bits can encode $\lfloor b/\log_2(k)\rfloor$ (or less) things among $k$, and can be encoded by $\lceil b/\log_2(k)\rceil$ things (or more) among $k$. Note: The notation in the first (resp. second) expression means rounding down (resp. up) the quotient to integer.

The question's second paragraph applies that with $k=16$ things, and in that case the result of both expressions is the same.

Justification of the formulas: there are $2^b$ distinguishable values of a vector of $b$ bits, and $k^n$ distinguishable values of a vector of $n$ things among $k$. To encode any combination of $b$ bits with $n$ things, we thus need $2^b\le k^n$. To encode any combination $n$ things among $k$, we thus need $k^n\le2^b$. The stated expressions follow by taking the base-2 logarithm of these inequalities (noting that logarithm is a strictly increasing function).

Sorting out exactly what the question should have been (see comment), and numerical application, are left as an exercise to the reader.

+ 0
Score:0
ElderlyPedant avatar Crypto
la flag
ElderlyPedant

Late to the party, and I can see the other relatively complex answers, but I’d like to comment on the OP’s potentially misleading use of the term “character”.

I know that a 128-bit hash contains 32 characters since each represents a hexadecimal.

No.

You can display an arbitrary 128 bit binary value however you want: 128 binary digits (each 0 or 1); 16 octal digits 0-7; 8 hex digits 0-9|A-F; a sequence of random hieroglyphics; or whatever. But none of those define a “character” in my opinion.

  • Traditionally, “character” meant a 7-bit ASCII character. These were generally stored with an extra parity bit, for 8 bits per character. So a 128 bit value could store 128/8 = 16 such characters.

  • The modern Unicode scheme defines an enormously number of characters, that can be “encoded” (ie. stored in binary) in various different ways. For example, in so-called “UTF32 encoding”, each Unicode character takes exactly 32 bits. So a 128 bit value can only store 128/32 = 4 such characters. But in “UTF-8 encoding”, a character can take anywhere from 8 to 40 bits, depending on the character!

  • Alternatively, someone might have an alphabet of 2^128 unique characters, in which case, a 128 bit value could only store a single character!

Thus, you just can’t say how many characters can be stored in ‘x’ bits - it depends entirely on what you mean by a character, what encoding you’re using to represent those characters, and for certain encodings, exactly which characters you’re actually trying to store!

So a 128-bit value, which you say “contains 32 characters since each represents a hexadecimal [digit]”, might in fact contain anywhere from one, to 2^128 characters, using what I believe to be a reasonable modern definition of the term “character”.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.