[Cryptography] generated passphrases
Kent Borg
kentborg at borg.org
Thu Aug 15 08:45:54 EDT 2019
On 8/15/19 12:52 AM, jamesd at echeque.com wrote:
> On 2019-08-14 4:19 am, Kent Borg wrote:
>> In the examples above it is easy to "curve fit" an idea through three
>> words, and use it to help remember the password. But when it gets
>> longer the "curve" gets bumpy and arbitrary. The following is
>> 128-bits of entropy, and a monster to remember and type:
>>
>> artist-equal-cricket-eric-panic-visitor-orient-empire-final-costume-harvard-charlie
>
> That is the BIPS32 solution.
And not a very easy solution.
>
> It would be a lot easier to type and to recollect if it was
> grammatically correct.
But then the entropy per character goes down and it has to get longer.
Also, human sentences are flexible things. Use a contraction or not and
the human meaning doesn't really change but as a passphrase the two are
different. Unless some algorithm boils the two versions of the sentence
to the same thing...meaning the entropy per character would fall even
further.
Passphrases for quality encryption are hard.
-kb
More information about the cryptography
mailing list