-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I once again ponder over whether a passphrase is safer than a string of random characters.

It's easy to compute the strength of a random string of characters. About 20-25 characters (a-z, A-Z, 0-9 and special characters) would correspond to a 128-bit symmetric key. But what about a passphrase?

Many people argue that a random-looking password made of the initials of a passphrase is fairly safe: Byu!IAiw?Tai42 . But it could be attacked with a dictionary attack, "because it comes from real words". How safe is it then?

A plain-text sentence would be worse, because it would be more easily attacked, some people argue. But I read a discussion about TrueCrypt and someone argued:

"You could create a "real sentence" from ANY randomly generated password, since any letter in the password could be the first letter of literally *thousands* of words. So how could a dictionary attack differentiate between the password mentioned above, and a truly random one?"

I would argue that:

1. Five (5) random words would be safer than a random string of 20 characters. There are far more words than there are characters. The entropy for each word would be about 12.9 bits according to the Diceware page www.diceware.com . A character would have an entropy of 1.9.

2. In an ordinary sentence, each word would have an entropy of 1-1.4 bits. If we set the entropy to 1.2 we would need approximately 38.53/1.2 words = 32 words; if the entropy is 1.4, only 27 words! Why so many words? Because words are easy to guess with the help of the context. A passphrase of 10 words would be OK if the entropy was 3.9 - it must seem fairly random then. An entropy of 7.7 would make 5 words sufficient.

I prefer passphrases because they are easier to remember than 20 random characters. Truly random words are slightly harder to remember than a phrase.

Questions:

How to make a short passphrase look random enough?
How can I compute the strength (entropy)?
Are experiments with live persons guessing passphrases the only way to compute the strength?
Do you know of any such experiment? Or can you set up one at your university? It would be very interesting to compare different strategies of randomising the passphrase.

Kind regards,
Per Tunedal
Civ. ing. Civ. ek.
S:t Mickelsgatan 148
129 44 Hägersten
Telephone: 08-646 34 83

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32) - GPGrelay v0.959
Comment: What is a PGP signature? www.clipanish.com/PGP/pgp.html

iD8DBQFCmCgBpPsTvNtsBX8RAiFDAJ499TQghIEUbyR+ww1cMD2hozAUjgCfQ5uN
LGFCDsvnFCGsmfD3AfGHSaQ=
=YjoZ
-----END PGP SIGNATURE-----
_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
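The post asks how to compute the strength (entropy) of the different strategies it compares. The following is an added example, not part of Per's post and not code from the GnuPG project: a small entropy-budget calculator that puts the post's figures (5 Diceware words vs. 20 random characters, words needed at 1.2 or 1.4 bits/word, a 128-bit target) on one scale. The assumptions are mine and not from the post: a Diceware list has 6**5 = 7776 entries, "special characters" means the 94 printable non-space ASCII characters, the TOY_WORD_LIST is a constructed 16-word list used only so the generator runs offline, and the 14-word sentence used for the initials comparison is a made-up figure. The point it makes numerically is the one the TrueCrypt quote misses: an attacker's cost is set by the generation process (how many equally likely secrets it could have produced), not by how random the result looks.

```python
"""Entropy budget for passphrases vs. random strings (added example, not the post's code)."""
import math
import secrets
import string

# Assumptions, not from the post: a standard Diceware list has 6**5 = 7776 words;
# "special characters" is taken as the 94 printable non-space ASCII characters.
DICEWARE_LIST_SIZE = 6 ** 5
PRINTABLE_ASCII = string.ascii_letters + string.digits + string.punctuation  # 94 chars

# Constructed toy word list so the generator runs offline: 16 entries = 4 bits per word.
TOY_WORD_LIST = (
    "anchor", "basket", "candle", "dragon", "engine", "falcon", "garden", "hammer",
    "island", "jacket", "kettle", "lantern", "marble", "needle", "orange", "pepper",
)


def bits_per_choice(n_options: int) -> float:
    """Entropy of one uniformly random selection among n_options."""
    return math.log2(n_options)


def sequence_entropy(n_units: int, n_options: int) -> float:
    """Entropy of n_units independent uniform choices from n_options.
    Covers random strings (unit = character) and word lists (unit = word) alike."""
    return n_units * bits_per_choice(n_options)


def units_needed(target_bits: float, bits_per_unit: float) -> int:
    """Smallest number of units whose combined entropy reaches target_bits.
    Rounded up: rounding down (32 words for 38.53/1.2) falls short of the target."""
    return math.ceil(target_bits / bits_per_unit)


def sentence_initials_entropy(n_words: int, bits_per_word: float) -> float:
    """Entropy of a password built from the initials of a natural sentence.
    A sentence-aware attacker pays only for the sentence choice, so the budget is
    n_words * bits_per_word no matter how many characters the initials span."""
    return n_words * bits_per_word


def half_keyspace_seconds(bits: float, guesses_per_second: float) -> float:
    """Expected time to hit the secret at a given guess rate (half the keyspace)."""
    return 2.0 ** (bits - 1) / guesses_per_second


def generate(n_units: int, options):
    """Draw a secret with the secrets module (CSPRNG) and return it with its real entropy.
    options is a tuple of words (joined with spaces) or a string of characters."""
    picks = [secrets.choice(options) for _ in range(n_units)]
    sep = " " if isinstance(options, tuple) else ""
    return sep.join(picks), sequence_entropy(n_units, len(options))


if __name__ == "__main__":
    word_bits = bits_per_choice(DICEWARE_LIST_SIZE)
    char_bits = bits_per_choice(len(PRINTABLE_ASCII))
    print(f"5 Diceware words:          {sequence_entropy(5, DICEWARE_LIST_SIZE):.1f} bits")
    print(f"20 printable ASCII chars:  {sequence_entropy(20, len(PRINTABLE_ASCII)):.1f} bits")
    print(f"128-bit target: {units_needed(128, word_bits)} Diceware words "
          f"or {units_needed(128, char_bits)} random characters")
    print(f"38.53 bits from ordinary prose: {units_needed(38.53, 1.2)} words at 1.2 bits/word, "
          f"{units_needed(38.53, 1.4)} words at 1.4 bits/word")
    # Initials of a (made-up) 14-word sentence at 1.2 bits/word look like 14 random
    # characters but carry far less against an attacker who enumerates sentences.
    print(f"14-word sentence initials: {sentence_initials_entropy(14, 1.2):.1f} bits "
          f"vs {sequence_entropy(14, len(PRINTABLE_ASCII)):.1f} bits for 14 random chars")
    print(f"Toy passphrase (4 bits/word): {generate(5, TOY_WORD_LIST)}")
    print(f"Random string:                {generate(20, PRINTABLE_ASCII)}")
```

The calculator deliberately has no notion of what a secret looks like: `generate` reports the entropy of the list it drew from, so a five-word phrase from the 16-word toy list is worth 20 bits regardless of how unguessable it reads, and only a list the size of Diceware's gets the 12.9 bits per word the post quotes. Per-word figures for natural sentences (the 1.2 or 1.4 bits/word) are inputs you have to estimate, which is exactly the measurement problem the post's last questions raise.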
