Re: Someone said 256 bits is not enough



On 28 Feb, 17:51, "Sebastian G." <se...@xxxxxxxxx> wrote:
Vend wrote:
On 28 Feb, 16:07, "Sebastian G." <se...@xxxxxxxxx> wrote:
giorgio.tani wrote:
Another thing to note is that is very hard to remember passwords
(passphrases) with enough enthropy to effectively use 256 bit keyspace
(even 128 bit one!)
Bullshit. Considering about 4 bits entropy per character for english text,
this would be 64 characters, which is a short sentence. Which is definitely
easy to remember.

Actually I think that the estimate is ~1 bit per character of
meaningful English text.

Considering appropriate modelling, which is not available per se.

Even without appropriate modelling, I doubt it is would be more than
~2 bits of work per character.
And anyway, it's better to underestimate entropy rather than
overestimate it.
.



Relevant Pages

  • Re: Entropy and Equivalent Key Lengths?
    ... ]> The English language produces 1.3 bits of entropy for, say, all lowercase ... This increases to 4 bits of entropy if we allow case, ... And come up with a far far bigger number than 1.3 bits per character. ...
    (sci.crypt)
  • Re: The Chinese MD5 attack
    ... >>There are approximately one million words in the English language. ... >>character in English is greater than 1. ... But passwords are not English text. ... the entropy of English text and teh entropy ...
    (sci.crypt)
  • Re: Someone said 256 bits is not enough
    ... Considering about 4 bits entropy per character for english ... you believe that "bullshit" is precicely probable ... If you take a not so short sentence, exact modeling becomes impossible (because, as Chomsky proved, even a very string simplification of natural English, with English following very strict generation rules, is a type 0 grammar). ... That is, the conditional entropy of the sentence's structure is hardly, of the informational content nearby impossible to exploit. ...
    (sci.crypt)
  • Re: The Chinese MD5 attack
    ... >> I have raised the question of entropy in a pass phrase many times, ... >There are approximately one million words in the English language. ... >character in English is greater than 1. ... Greg Rose ...
    (sci.crypt)
  • Re: How to measure redundancy ?
    ... ]> English character. ... You do not establish the entropy of English by ... Remove all the letters from the previous sentence and what entropy does ...
    (sci.crypt)