[Cryptography] generated passphrases

Kent Borg kentborg at borg.org
Thu Aug 15 08:45:54 EDT 2019

On 8/15/19 12:52 AM, jamesd at echeque.com wrote:
> On 2019-08-14 4:19 am, Kent Borg wrote:
>> In the examples above it is easy to "curve fit" an idea through three 
>> words, and use it to help remember the password. But when it gets 
>> longer the "curve" gets bumpy and arbitrary. The following is 
>> 128-bits of entropy, and a monster to remember and type:
>> artist-equal-cricket-eric-panic-visitor-orient-empire-final-costume-harvard-charlie
> That is the BIPS32 solution.

And not a very easy solution.

> It would be a lot easier to type and to recollect if it was 
> grammatically correct.

But then the entropy per character goes down and it has to get longer. 
Also, human sentences are flexible things. Use a contraction or not and 
the human meaning doesn't really change but as a passphrase the two are 
different. Unless some algorithm boils the two versions of the sentence 
to the same thing...meaning the entropy per character would fall even 

Passphrases for quality encryption are hard.


More information about the cryptography mailing list