Look for references to "unicity distance" in the cryptography literature. I am not sure how much knowledge of this is in the public domain so I am reluctant to discuss it, but it is the answer to your question about appropriate key length.