Re: PASSWORD DIFFICULTIE

[kentborg@world.std.com (Kent Borg)]

bmorris@netcom.com wrote:
>i.e. "spinachwalrusgazebo" is three words, and to me, would seem immune
>from a dictionary attack, because the attack only uses single words.  Is
>this right?

Wrong.  Read chapter 7 of Schneier's Applied Cryptography, a
dictionary attack is richer than just throwing a dictionary at it.
There is no reason not to try all combinations of several words from
smallish dictionaries.

Those three words would likely show up in a 4,000-word dictionary.  A
1-in-4000 choice is 12-bits.  You chose three words, I count about
36-bits there then.  Generously add another few bits for
capitalization and spacing, and you are still at or under the 40-bits
the NSA feels comfortable with.

(The fact that you would hash this out to 128-bits should not confuse
us.  A hash function cannot make up entropy.)

How many of us have dreamed up wild login passwords (in our youths,
perhaps, but we were more savvy than most youths or adults), only to
years later read David Klein's recipe for an extended dictionary crack
and realize that he would get many of your "clever" passwords?  Same
thing for pass-phrases: clever people will come up with clever
techniques, so only trust a cold count of random bits.  The phrase
"spinachwalrusgazebo" is worth no more than 40-bits, is weak, and yet
is stronger than the keys most normal people will pick.

Passwords are hard to choose.


-kb, the Kent who is on a bit-counting harangue.


--
Kent Borg                                                  +1 (617) 776-6899
kentborg@world.std.com                                
kentborg@aol.com                                      
          Proud to claim 31:15 hours of TV viewing so far in 1994!


P.S.  When earlier comparing a million encryptions to 10-bits, I
obviously meant 20-bits--either that or I was being very conservative.
:)