[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Length of passphrase beneficial?

To: [email protected]
Subject: Re: Length of passphrase beneficial?
From: Rich Burroughs <[email protected]>
Date: Sun, 21 Jul 1996 11:26:32 -0700 (PDT)
In-Reply-To: <[email protected]>
Sender: [email protected]

On Sun, 21 Jul 1996, Erle Greer wrote:
[snip]
> I have a 2048-bit PgP key and pseudorandom a/n character
> generator, from which I chose a large passphrase similar to:
>
> f4VnI1G1mGcwTZ1vGoyPwN4NLojF8Ee9ff1aicOGn87x0nwwHhJUo6XSYKEawRne
> (Yes, cut-n-paste, but my only in-house threat is my wife.)

Ugh.  Erle, you might want to check out the Diceware method for generating
passphrases.  It lets you generate a lengthy passphrase that is random and
that you might actually be able to remember :)

I don't have a URL handy, but if you go to Altavista and search for
"diceware" you should find it...  It might be indexed at Yahoo, too...

> Actual Question:
> Does the length and randomness of a passphrase contribute at all
> to the overall security of a cryptosystem?

Actual short answer: yes :)

Look for the passphrase FAQ, for a better explanation than I can give...

______________________________________________________________________
Rich Burroughs  [email protected]  http://www.teleport.com/~richieb
See my Blue Ribbon Page at http://www.teleport.com/~richieb/blueribbon
New EF zine "cause for alarm" - http://www.teleport.com/~richieb/cause

Follow-Ups:
- Re: Length of passphrase beneficial?
  - From: Paul Foley <[email protected]>

References:
- Length of passphrase beneficial?
  - From: Erle Greer <[email protected]>

Prev by Date: Re: Firewall Penetration
Next by Date: Re: A Snake-Oil FAQ
Prev by thread: Length of passphrase beneficial?
Next by thread: Re: Length of passphrase beneficial?
Index(es):
- Date
- Thread