On Thu, Feb 2, 2017 at 4:38 PM, Richard Pieri <[email protected]> wrote: > On 2/2/2017 2:51 PM, Kent Borg wrote: >> Does have 40-bits of entropy, that is. > > Not really: > https://www.schneier.com/blog/archives/2014/03/choosing_secure_1.html
Yes really. IF the word selection is based on a random process. Schneier is correct that if a human selects (either you personally or by quoting from another source then you lose entropy. If you are just writing down a 40 bit random number by encoding it into words, there is no problem (modulo offline vs. online attacks). Bill Bogstad _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
