Hmm, I meant Scrypt. You can use Scrypt to encrypt files using a passphrase with no entropy restrictions. It doesn't use keys. People never raised this concern about Scrypt, and certainly didn't say people would get fucked for using it. What am I missing here? Why does Minilock warrant this outrage, but not Scrypt?
That tool generates a random salt, so passphrase cracking time is O(n) where n is the number of files being cracked vs O(1) for Minilock public keys. Additionally, encrypted files are generally still not "public", whereas Minilock public keys likely would be.
Assuming that all files are encrypted with the same passphrase, and you crack the passphrase, not the key generated from kdf(salt, passphrase), complexity is O(1) for Minilock as well.
https://www.tarsnap.com/scrypt.html