Re: Someone said 256 bits is not enough

From: Vend <vend82@xxxxxxxxxxx>
Date: Sat, 8 Mar 2008 01:29:05 -0800 (PST)

On 28 Feb, 17:51, "Sebastian G." <se...@xxxxxxxxx> wrote:

Vend wrote:

On 28 Feb, 16:07, "Sebastian G." <se...@xxxxxxxxx> wrote:

giorgio.tani wrote:

Another thing to note is that is very hard to remember passwords
(passphrases) with enough enthropy to effectively use 256 bit keyspace
(even 128 bit one!)

Bullshit. Considering about 4 bits entropy per character for english text,
this would be 64 characters, which is a short sentence. Which is definitely
easy to remember.

Actually I think that the estimate is ~1 bit per character of
meaningful English text.

Considering appropriate modelling, which is not available per se.

Even without appropriate modelling, I doubt it is would be more than
~2 bits of work per character.
And anyway, it's better to underestimate entropy rather than
overestimate it.
.

Prev by Date: Re: How is this CRC or Checksum calculated
Next by Date: Re: Someone said 256 bits is not enough
Previous by thread: Re: Someone said 256 bits is not enough
Next by thread: Re: Someone said 256 bits is not enough
Index(es):
- Date
- Thread

Relevant Pages

Re: Entropy and Equivalent Key Lengths?
... ]> The English language produces 1.3 bits of entropy for, say, all lowercase ... This increases to 4 bits of entropy if we allow case, ... And come up with a far far bigger number than 1.3 bits per character. ...
(sci.crypt)
Re: The Chinese MD5 attack
... >>There are approximately one million words in the English language. ... >>character in English is greater than 1. ... But passwords are not English text. ... the entropy of English text and teh entropy ...
(sci.crypt)
Re: Someone said 256 bits is not enough
... Considering about 4 bits entropy per character for english ... you believe that "bullshit" is precicely probable ... If you take a not so short sentence, exact modeling becomes impossible (because, as Chomsky proved, even a very string simplification of natural English, with English following very strict generation rules, is a type 0 grammar). ... That is, the conditional entropy of the sentence's structure is hardly, of the informational content nearby impossible to exploit. ...
(sci.crypt)
Re: The Chinese MD5 attack
... >> I have raised the question of entropy in a pass phrase many times, ... >There are approximately one million words in the English language. ... >character in English is greater than 1. ... Greg Rose ...
(sci.crypt)
Re: How to measure redundancy ?
... ]> English character. ... You do not establish the entropy of English by ... Remove all the letters from the previous sentence and what entropy does ...
(sci.crypt)