Question.
if i was to create a password that is only one letter, lets say "X", and a website uses a 128bit encryption... how does that work?
I understand that with a 128bit encryption there could be 2to the power of 128 possible combinations to crack a password, but how is that possible if I'm using only one letter as a password?
###### Who is Participating?

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Senior .Net DeveloperCommented:
So a 128 bit key is used to generate a cypher text from the "X".  That cypher text is then passed and only the key can correctly decrypt the cypher back to "X".  Using a different key could produce other results such as "y" or nothing meaningful at all.  The 128 bit has to do with the length of the key, and hence the number of possibilities used to brute force that key, not the length of what you're encrypting / decrypting.
Author Commented:
Kyle, can u please explain this a bit further.
A cipher is a combination of both the encryption and decryption algorithm, right?
A 128 bit key is basically 128 0s and 1s, right?
I don't quite understand how a 128 bit key ties in the actual password...
Senior .Net DeveloperCommented:
A cipher is the result of the encryption algorithm, which is then used during the decryption algorithm.

The 128 bit key transforms the clear text to cipher during the encryption phase.
The 128 bit key transforms the cipher back to clear text during the decryption phase.

This is according to the use of symmetric key encryption.  It's different with PKI or assymetric encryption (as in the keys are different).

Experts Exchange Solution brought to you by