[Cryptography] Passwords (Smallest feasible work factor today?)

Jonathan Thornburg jthorn4242 at gmail.com
Wed Sep 7 23:32:07 EDT 2022


On Wed, Sep 07, 2022 at 11:20:34AM -0400, Phillip Hallam-Baker wrote:
> Every shortcut I might apply
> to memorize a password or passphrase is a shortcut that can be reduced to
> code and used in an attack. Expecting me to deliver a search space of more
> than 2^20 in my head is unreasonable and more than 2^40 delusional and I
> have to order hats online because my size is 8+.

What's the search space for first-letters-of-each-word-in-sentences?
E.g.,
  LOTR=fiNZ.Ifh,g,aagwct*R*
is the first letter of each word of
"Lord Of The Rings = filmed in New Zealand.  It features hobbits,
gandalf, and a golem who covets the *RING*".

That's 25 characters long, chosen from an alphabet that's [a-zA-Z]
together with various non-alphabetic characters.

Google's top search result for "entropy per letter of English text"
just now is
  https://www.fil.ion.ucl.ac.uk/~wpenny/course/info.pdf
which suggests 4.11 bits/letter.  Using this here is surely an
underestimate -- it gives no credit at all for the entropy introduced
by upper/lower case and non-alphabetic characters.  (It also assumes
the overall English-language letter-frequency distribution rather than
the first-letters-of-words frequency distribution, but that's probably
a relatively small error.)

Nonetheless, this gives us a rough estimate of 25*4.11 = 103 bits.
I wouldn't trust this scheme to be quite that good (inter-word
correlations in the sentence will lower the entropy), but I suspect
that "first letters of each word in a fairly long sentence or two"
is probably good for > 80 bits.


> First up, we need a standards-based password vault that can be supported on
> every platform and every browser and allows the user to choose their
> password vault provider. Only when users know that they can access their
> password vault on every platform they might use can we expect them to start
> using strong, machine generated passwords.

+1.

First-letters-of-every-word-in-a-fairly-long-sentence-or-two seems to
me to be a reasonable candidate for the master password which unlocks
a password vault.

--
-- "Jonathan Thornburg [remove -color to reply]" <dr.j.thornburg at gmail-pink.com>
   Dept of Astronomy & IUCSS, Indiana University, Bloomington, Indiana, USA
   currently on the west coast of Canada
   "Why would we install sewers in London?  Everyone keeps getting cholera
    again and again so there's obviously no reason to install sewers.  We
    just need to get used to this as the new normal."
                            -- 2022-Jul-25 tweet by "Neoliberal John Snow"
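As an added worked example (my own code, not part of Jonathan's message or the text he quotes), the following Python derives the first-letter-of-each-word string from the sentence above and applies the 4.11 bits/letter figure the message uses, reproducing the 25-character mnemonic and the ~103-bit estimate. The function names, the punctuation-handling rule and the letters-only variant (which credits only the 19 alphabetic characters, as a more conservative floor) are assumptions of this example, not anything the message specifies.

```python
import re

# Values taken from the message: the per-letter entropy figure it quotes and
# the sentence/mnemonic pair it works through.
BITS_PER_LETTER = 4.11
LOTR_SENTENCE = ("Lord Of The Rings = filmed in New Zealand.  It features hobbits, "
                 "gandalf, and a golem who covets the *RING*")


def first_letter_mnemonic(sentence: str) -> str:
    """Build the first-letter-of-each-word string described in the message.

    Rule assumed here (not stated in the message, but it reproduces its
    example): each whitespace-separated token contributes its first word
    character, with leading/trailing punctuation kept attached, so
    "Zealand." -> "Z.", "*RING*" -> "*R*" and a bare "=" passes through.
    """
    parts = []
    for token in sentence.split():
        lead = re.match(r"\W*", token).group(0)      # punctuation before the word
        core = token[len(lead):]
        if not core:                                  # token was punctuation only
            parts.append(lead)
            continue
        trail = re.search(r"\W*$", core).group(0)     # punctuation after the word
        parts.append(lead + core[0] + trail)
    return "".join(parts)


def entropy_estimate(mnemonic: str, bits_per_letter: float = BITS_PER_LETTER) -> dict:
    """Rough entropy budget for a mnemonic, in the style of the message.

    'bits_all_chars' is the message's rule of thumb: every character is
    credited with bits_per_letter.  'bits_letters_only' credits only the
    alphabetic characters, since the quoted figure was measured on letters;
    it is a more conservative floor and, like the original estimate, gives
    no credit for case or punctuation.
    """
    letters = sum(ch.isalpha() for ch in mnemonic)
    return {
        "length": len(mnemonic),
        "letters": letters,
        "non_letters": len(mnemonic) - letters,
        "bits_all_chars": len(mnemonic) * bits_per_letter,
        "bits_letters_only": letters * bits_per_letter,
    }


if __name__ == "__main__":
    m = first_letter_mnemonic(LOTR_SENTENCE)
    print(m)  # LOTR=fiNZ.Ifh,g,aagwct*R*
    for key, value in entropy_estimate(m).items():
        print(f"{key:>18}: {value:g}")
```

Running it prints the 25-character string from the message and the two estimates: 25 * 4.11 = 102.75 bits (the message's ~103) versus 19 * 4.11 = 78.09 bits when only the letters are counted, which is the kind of gap the message's caveat about inter-word correlations is pointing at.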
