Re: Are PassPhrases Secure Enough?

From: Valery Pryamikov (Valery_at_nospam.harper.no)
Date: 11/24/04


Date: Wed, 24 Nov 2004 20:55:44 +0100

Hi
The problem with passphrases is that they have near to natural language
entropy, which is very low. Entropy is a measure of information uncertainty
and is inversely proportional to information redundancy. Redundancy can be
thought of as a measure of data compressibility (i.e. the higher the
compression rate you can achieve on your data, the lower the entropy of
that data). Natural English information redundancy is about 75%. This
gives something like 1.25 bits of entropy per character for natural
English. I.e. each extra byte you add to your passphrase only increases
your password strength by something from 1.25 bits (unlimited length) to
2.9 bits of security (for passwords longer than 10 chars). I don't know
why it is so popular lately to advocate natural language passphrases,
ignoring the many studies done during the past two decades that indicated
that passwords built from a passphrase by taking one or more characters
from each word would provide better security due to better entropy while
still being quite easy to remember. You only need such a password of size
15 chars (to disable the LM Hash) and it would be as difficult to break as
your passphrase of size more than 50 chars. I, for example, use one or
another line from a Russian song or story, take some char from each word,
write them in the Latin alphabet instead of Cyrillic (which means that
sometimes I have to use two Latin letters instead of one Cyrillic), throw
in some symbols and get a password that looks like the following:
"KjbZ-m0d,jDbzRb". It is composed from a well known children's story that
I used to read to my sons - I'll never forget it (I actually used it a
couple of years ago) - but it will be very tough to break. For more
information on choosing passwords, check this paper by Ross Anderson (one
of the world's most acknowledged experts in cryptography and information
security) that was written in 2000:
http://citeseer.ist.psu.edu/yan00memorability.html (click on cached PDF to
read the paper). Only note that they are talking about a minimum of 8 chars
only because UNIX and Linux "crypt" password protection doesn't allow
passwords longer than 8 chars (and "crypt" is still used on some UNIX/Linux
distributions). If you are interested you can also check my blog where I
posted 6 articles about passwords (just search my blog for passwords).

-Valery.
http://www.harper.no/valery

"clintonG" <csgallagher@REMOVETHISTEXTmetromilwaukee.com> wrote in message
news:O8V39Sk0EHA.2016@TK2MSFTNGP15.phx.gbl...
> I've been thinking of implementing the following and seek comments pro and
> con.
>
> When registering, the user provides an e-mail address and creates a
> password
> phrase question such as "What is your father's middle name?" The user also
> provides the answer to the phrase he or she has created.
>
> Future attempts to log in initially request the e-mail address only. A
> callback is issued and the login form is updated to display the user's
> passphrase "What is your father's middle name?" The user provides the
> correct answer and is presumably authenticated.
>
> That is the gist of this postulation. I am seeking comments regarding how
> to harden this methodology using hashed values to salt or other comments
> why
> this type of methodology would not be as secure as any other currently
> implemented.
>
> --
> <%= Clinton Gallagher, "Twice the Results -- Half the Cost"
> Architectural & e-Business Consulting -- Software Development
> NET csgallagher@REMOVETHISTEXTmetromilwaukee.com
> URL http://www.metromilwaukee.com/clintongallagher/
>
>
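An added example, not part of Valery's post or of any project: it puts the post's rule of thumb into code, estimating a natural-language passphrase at the post's 1.25 to 2.9 bits per character, deriving a one-character-per-word password from the same phrase, and scoring that password with an assumed character-set yardstick (an upper bound, since word-initial letters are not uniform). The sample phrase is constructed here, and the 14-character LM hash limit is the standard Windows behaviour the post alludes to.

```python
import math
import string

# Per-character entropy figures for natural-language text quoted in the post:
# about 1.25 bits/char (unlimited length) up to 2.9 bits/char (short text).
NATURAL_LANGUAGE_BITS_PER_CHAR = (1.25, 2.9)
# Windows stores an LM hash only for passwords of 14 characters or fewer.
LM_HASH_MAX_LEN = 14

def passphrase_bits(phrase):
    """Low/high entropy estimate for a natural-language passphrase."""
    lo, hi = NATURAL_LANGUAGE_BITS_PER_CHAR
    return (len(phrase) * lo, len(phrase) * hi)

def derive_password(phrase, pick=lambda i, w: w[0]):
    """One character per word, as the post suggests. pick(index, word)
    selects the character; the default takes each word's first letter."""
    return "".join(pick(i, w) for i, w in enumerate(phrase.split()))

def charset_bits(password):
    """Assumed upper-bound yardstick: treat every character as drawn
    uniformly from the union of the character classes present. Initial
    letters of words are skewed, so the true figure is lower."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    size = sum(len(cs) for cs in classes if any(c in cs for c in password))
    return len(password) * math.log2(size) if size else 0.0

def disables_lm_hash(password):
    """True when the password is too long for Windows to keep an LM hash."""
    return len(password) > LM_HASH_MAX_LEN

def compare(phrase, pick=lambda i, w: w[0]):
    pw = derive_password(phrase, pick)
    return {
        "passphrase_len": len(phrase),
        "passphrase_bits": passphrase_bits(phrase),
        "password": pw,
        "password_bits": charset_bits(pw),
        "lm_hash_disabled": disables_lm_hash(pw),
    }

if __name__ == "__main__":
    # Constructed sample phrase (a nursery rhyme), not the post's own example.
    sample = "Twinkle twinkle little star how I wonder what you are up above the world so high"
    print(compare(sample))
    # Variant picker: first letter of even-indexed words, last letter of odd ones.
    print(compare(sample, pick=lambda i, w: w[-1] if i % 2 else w[0]))
```

The 80-character phrase scores 100 to 232 bits under the post's rule of thumb, while the 16-character derived password scores about 91 bits on the character-set yardstick and is long enough to rule out an LM hash.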