What is the difference between key length and key space, and why does key length alone not determine security?
Key length is the number of bits in the key representation; key space is the number of actually possible keys. A defective RNG can make a 28-bit key have a key space of only 2.
* Key length is the container; a weak RNG can shrink the real key space far below 2^length. *
A critical example:
Consider a 28-bit key where:
- The first bit is generated truly randomly (entropy = 1 bit)
- The remaining 27 bits follow a deterministic pattern based on the first bit
- Key length = 28 bits → naively suggests $2^{28} \approx 268$ million possible keys
- Key space = 2 keys → the attacker only needs to try 2 keys!
The distinction:
- Key length = number of bits in the binary representation
- Key space = number of distinct keys that can actually be generated
- Entropy of the key = $\log_2(\text{key space})$ = the true security measure
$$\text{Key space} = 2^{\text{entropy}} \leq 2^{\text{key length}}$$
Real-world implication: A key is only as strong as the randomness used to generate it. If the random number generator (RNG) is flawed, even a "256-bit key" might have only a few bits of actual entropy. This is why cryptographically secure PRNGs (CSPRNGs) are essential.
Tip: Always think in terms of entropy, not key length. The key length is the container; the entropy is the actual content.
Go deeper:
Key size — key length and effective security.
Random number generator attack — the Debian OpenSSL bug and other RNG failures.