Re: How to determine passphrase entropy?
- From: unruh <unruh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 24 May 2010 21:41:09 GMT
On 2010-05-24, Maaartin <grajcar1@xxxxxxxxx> wrote:
On May 24, 12:34?pm, Paul Rubin <no.em...@xxxxxxxxxxxxxx> wrote:
The maximum entropy as worst case for brute force search? ?Sure, you can
calculate that the obvious way, H=log2(k**n) where k is the size of the
alphabet. ?But that is pretty useless, especially since the searcher
won't normally know the length of the passphrase (it could be very long).
I wonder how closely is the expected time of brute force search
related to the entropy. Imagine me picking a 10 characters random
password consisting of letters only, where I'm biased 80:20 against
capitals. The entropy is only 54 bits instead of 57, does it mean the
search takes 8 times less?
If the attacker adapts his search strategy to take that into account,
yes.
.
- References:
- Re: How to determine passphrase entropy?
- From: Paul Rubin
- Re: How to determine passphrase entropy?
- From: Anonymous
- Re: How to determine passphrase entropy?
- From: Paul Rubin
- Re: How to determine passphrase entropy?
- From: Maaartin
- Re: How to determine passphrase entropy?
- Prev by Date: Re: How to determine passphrase entropy?
- Next by Date: Re: How to determine passphrase entropy?
- Previous by thread: Re: How to determine passphrase entropy?
- Next by thread: Re: How to determine passphrase entropy?
- Index(es):
Relevant Pages
|
