passphrases with more than 160 bits of entropy

Thierry Moreau thierry.moreau at
Wed Mar 22 07:28:38 EST 2006

Travis H. wrote:
> Hi,
> Does anyone have a good idea on how to OWF passphrases without
> reducing them to lower entropy counts?  That is, I've seen systems
> which hash the passphrase then use a PRF to expand the result --- I
> don't want to do that.  I want to have more than 160 bits of entropy
> involved.

More than 160 bits is a wide-ranging requirement.

Entropy is a highly discussed unit of measure.

Anyway, keep it simple, use a larger hash: SHA-256, SHA-512, or for hash 
with user-selectable size, MASH:

International standard document ISO/IEC 10118-4:1998, Information 
technology - Security techniques - Hash-functions - Part 4: 
Hash-functions using modular arithmetic



- Thierry Moreau

CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, Qc
Canada   H2M 2A1

Tel.: (514)385-5691
Fax:  (514)385-5900

web site:
e-mail: thierry.moreau at

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list