password-cracking by journalists...
Sampo Syreeni
decoy at iki.fi
Sat Jan 19 18:05:32 EST 2002
On Thu, 17 Jan 2002, Steven M. Bellovin wrote:
>For one thing, in Hebrew (and, I think, Arabic) vowels are not normally
>written.
If something, this would lead me to believe there is less redundancy in
what *is* written, and so less possibility for a dictionary attack.
>Also, there are a few Hebrew letters which have different forms when
>they're the final letter in a word -- my understanding is that there are
>more Arabic letters that have a different final form, and that some have
>up to four forms: one initial, two middle, and one final.
At least Unicode codes these as the same codepoint, and treats the
different forms as glyph variants. Normalizing for these before the attack
shouldn't be a big deal.
>Finally, Hebrew (and, as someone else mentioned, Arabic) verbs have a
>three-letter root form; many nouns are derived from this root.
This would facilitate the attack, especially if the root form is all that
is written -- it would lead us expect shorter passwords and a densely
populated search space, with less possibility for easy variations like
punctuation.
Sampo Syreeni, aka decoy - mailto:decoy at iki.fi, tel:+358-50-5756111
student/math+cs/helsinki university, http://www.iki.fi/~decoy/front
openpgp: 050985C2/025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list