Re: password derived key

From: Alan (a__l__a__n_at_hotmail.com)
Date: 04/13/05


Date: Wed, 13 Apr 2005 15:22:26 -0400


"mike" <donotreplymeonthisemail@gmail.com> wrote in message
news:1113412986.353655.283920@z14g2000cwz.googlegroups.com...
> neat ... but (if I understand this correctly) this is based on
> predefined dictionary and more prone to dictionary attacks

Nope. Converting the dice rolls into words using the diceware dictionary
does not give up anything. The expected number
of trials necessary to find the pass phrase is exactly the same as the
expected number of trials to guess the dice rolls.

There are 7776 words in the dictionary. It takes five dice rolls to pick
one word (6^5 = 7776). Each word in a pass phrase is independent of all the
other words, since it is chosen simply by independent dice rolls. So, for a
10-word passphrase, there are 7776^10 different possibilities, all with
equal probability. That is approximately 129 bits of entropy:

10 * ln(7776) / ln(2) = 129.24812503605780907268694719739

So the expected number of trials to guess a ten word pass phrase would be
2^128, whether you are guessing words, dice rolls, or bits.
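
Added example, not part of the original post: a Python sketch of the roll-to-word mapping described above. It checks that every five-dice sequence selects a different word, which is why guessing words is no easier than guessing rolls, and then computes the entropy and the mean number of guesses. The word list is a constructed stand-in for the real Diceware list, the function names are hypothetical, and the base-6 index ordering is an assumption.

```python
import itertools
import math
import secrets

DICE_PER_WORD = 5
WORDS = 6 ** DICE_PER_WORD  # 7776

# Constructed stand-in for the real Diceware list: one unique placeholder per index.
WORDLIST = [f"word{i:04d}" for i in range(WORDS)]

def rolls_to_index(rolls):
    """Read five dice (each 1-6) as a base-6 number in 0..7775 (assumed ordering)."""
    if len(rolls) != DICE_PER_WORD or any(r not in range(1, 7) for r in rolls):
        raise ValueError("need exactly five rolls, each 1-6")
    index = 0
    for r in rolls:
        index = index * 6 + (r - 1)
    return index

def mapping_is_bijection():
    """True if all 6^5 roll sequences select distinct words (nothing is lost)."""
    all_rolls = itertools.product(range(1, 7), repeat=DICE_PER_WORD)
    seen = {WORDLIST[rolls_to_index(r)] for r in all_rolls}
    return len(seen) == WORDS

def generate_passphrase(n_words):
    """Simulate the dice with the OS CSPRNG; returns (rolls, words)."""
    rolls = [[secrets.randbelow(6) + 1 for _ in range(DICE_PER_WORD)]
             for _ in range(n_words)]
    return rolls, [WORDLIST[rolls_to_index(r)] for r in rolls]

def entropy_bits(n_words):
    """Entropy of n independent, uniformly chosen words."""
    return n_words * math.log2(WORDS)

def expected_trials_log2(n_words):
    """log2 of the mean guess count (N + 1) / 2 over N equally likely phrases."""
    return math.log2(WORDS ** n_words + 1) - 1

if __name__ == "__main__":
    rolls, words = generate_passphrase(10)
    print(" ".join(words))
    print("bijection:", mapping_is_bijection())
    print("entropy bits:", entropy_bits(10))
    print("log2(expected trials):", expected_trials_log2(10))
```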

