How to determine passphrase entropy?
in [Cryptography]
|
From: George Orwell on 26 May 2010 04:28 > What are you trying to do exactly? 10 chars would normally not be > considered a "passphrase" (which connotes being able to withstand > offline brute force search). Normally 10 chars would be for an access > password which can only be checked with an online query for each guess, > making brute force search much harder. I overheard somebody saying a 10 character password can not possibly be brute forced. I know intuitively this is false but since I flunked all my college math I could not say why it is false scientifically speaking. I know you guys can. Given the password he was talking about is not random and doesn't contain any unprintable chars it seems obvious dictionary attacks and other types of attacks could easily crack his password, which is just something he types on a keyboard. Maybe I am not using the word entropy correctly. What I am asking is how many bits of security is there in a 10 character passphrase consisting of only what you could type on a regular keyboard. BTW Sorry for the out of order and occasionally missing replies. I am sending these posts through mixmaster. It is not 100% reliable for delivery of messages. Thanks. Il mittente di questo messaggio|The sender address of this non corrisponde ad un utente |message is not related to a real reale ma all'indirizzo fittizio|person but to a fake address of an di un sistema anonimizzatore |anonymous system Per maggiori informazioni |For more info https://www.mixmaster.it
From: Phoenix on 26 May 2010 07:16 On 24 Maio, 22:58, Mok-Kong Shen <mok-kong.s...(a)t-online.de> wrote: > If there is not "entropy of a password", could there be "entropy of a > message in general"? Yes I am afraid that the existence non-existence > of both are somehow tightly related. No See an example: key/Password/Passphrase = "aaaaaaaaaaaaaaaaaaaa" Plaintext/message = "aaaaaaaaaaaaaaaaaaaaaaa...... Ciphertext = Hight quality entropy and outher statiscal values The entropy value for the cipher text, depends on the algorithm. Alvo
From: Paul Rubin on 26 May 2010 09:59 George Orwell <nobody(a)mixmaster.it> writes: > I overheard somebody saying a 10 character password can not possibly be > brute forced. I know intuitively this is false but since I flunked all my > college math I could not say why it is false scientifically speaking. I > know you guys can. Well you could have just said that at the beginning. ;-). If you mean offline brute force (you can check a guess by computing some crypto primitive), it's certainly possible but not easy. Let's say 6 bits per character (64 character alphabet), so 60 bits, that's equivalent to 16x the keyspace of single DES, which was broken with special purpose hardware (google "Deep Crack") a decade or so ago. So it's within reach of a determined attacker with resources, but it's not something you could easily do on your PC, even today. If you mean an online attack (you have to submit each guess to a remote server and wait for a yes/no response, and the server locks you out after too many wrong tries), then it's pretty safe.
From: Mok-Kong Shen on 26 May 2010 11:13 Phoenix wrote: > Mok-Kong Shen wrote: > >> If there is not "entropy of a password", could there be "entropy of a >> message in general"? > > Yes > > I am afraid that the existence non-existence >> of both are somehow tightly related. > > No > > See an example: > > key/Password/Passphrase = "aaaaaaaaaaaaaaaaaaaa" > Plaintext/message = "aaaaaaaaaaaaaaaaaaaaaaa...... > Ciphertext = Hight quality entropy and outher statiscal values > > The entropy value for the cipher text, depends on the algorithm. Sorry that I don't capture that. A password is also "a sort" of message, i.e. the legitimate partner can recognizes that it is correct, if it is correctly entered. Right? So, if one denies that a password could have entropy (I am not sure yet though, whether that's the unanimous position of the experts in this group), it seems to be hard to claim that a message "in general" has entropy. BTW, by "message" I mean a given finite string. See also a follow-up of mine today to a post of Bryan Olson. M. K. Shen
From: Non scrivetemi on 26 May 2010 11:50
> Well you could have just said that at the beginning. ;-). Sorry sometimes it's not obvious until it's obvious! > If you mean offline brute force (you can check a guess by computing some > crypto primitive), it's certainly possible but not easy. Let's say 6 > bits per character (64 character alphabet), so 60 bits, that's > equivalent to 16x the keyspace of single DES, which was broken with > special purpose hardware (google "Deep Crack") a decade or so ago. So > it's within reach of a determined attacker with resources, but it's not > something you could easily do on your PC, even today. Thanks. And that's the best (worst) case, right? Since dictionary or attacks would probably crack it a lot faster..... |