Re: How to determine passphrase entropy?
 From: unruh <unruh@xxxxxxxxxxxxxxxxxxxxxxx>
 Date: Mon, 24 May 2010 21:41:09 GMT
On 20100524, Maaartin <grajcar1@xxxxxxxxx> wrote:
On May 24, 12:34?pm, Paul Rubin <no.em...@xxxxxxxxxxxxxx> wrote:
The maximum entropy as worst case for brute force search? ?Sure, you can
calculate that the obvious way, H=log2(k**n) where k is the size of the
alphabet. ?But that is pretty useless, especially since the searcher
won't normally know the length of the passphrase (it could be very long).
I wonder how closely is the expected time of brute force search
related to the entropy. Imagine me picking a 10 characters random
password consisting of letters only, where I'm biased 80:20 against
capitals. The entropy is only 54 bits instead of 57, does it mean the
search takes 8 times less?
If the attacker adapts his search strategy to take that into account,
yes.
.
 References:
 Re: How to determine passphrase entropy?
 From: Paul Rubin
 Re: How to determine passphrase entropy?
 From: Anonymous
 Re: How to determine passphrase entropy?
 From: Paul Rubin
 Re: How to determine passphrase entropy?
 From: Maaartin
 Re: How to determine passphrase entropy?
 Prev by Date: Re: How to determine passphrase entropy?
 Next by Date: Re: How to determine passphrase entropy?
 Previous by thread: Re: How to determine passphrase entropy?
 Next by thread: Re: How to determine passphrase entropy?
 Index(es):
Relevant Pages
