From: szabo@netcom.com (Nick Szabo)
To: pdn@dwroll.dw.att.com (Philippe Nave)
Message Hash: 7d90737945167f45cc48cde17a19383dd76e4ab8a1a993bf6ddc46beb89980cd
Message ID: <199311242115.NAA01943@mail.netcom.com>
Reply To: <9311240450.AA01367@toad.com>
UTC Datetime: 1993-11-24 21:15:24 UTC
Raw Date: Wed, 24 Nov 93 13:15:24 PST
Subject: Re: Give me your password- OR ELSE!
MIME-Version: 1.0
Content-Type: text/plain

Philippe Nave:
> As the value protected by our encryption systems increases, we
> must devote more effort to the solution of problems like the thug...

Distributed pass phrases have been mentioned, as have distress codes
and dead-man switches. Along with distributed pass phrases I'd add
distributed keys with M-out-of-N voting, for valuable shared data
(eg corporate data, family bank account). Other options include:

* steganography and foiling traffic analysis: don't let the
  thugs know you have valuable encrypted data in the first
  place.

* multiple keys with multiple (easy to remember!) pass
  phrases. We use different keys for our house, car, safes, etc.
  as well as different passwords for different accounts,
  and this will likely be also true for our encryption
  strategies. For example, it's a good idea to encrypt
  files on one's disk with a different key than one
  uses to receive e-mail.

The ability to choose high-entropy but easy to remember pass
phrases is an interesting art. One strategy is to pick
short pass phrases with high entropy (eg by requiring mixed cases,
letters+numbers, etc.). PGP allows one to pick a long phrase,
easier to remember, with less entropy per character but more total entropy.

I despise the current situation where I have to choose a bunch of
difficult to remember alphanumeric codes for different kinds of
accounts, ATM access, etc.

Nick Szabo szabo@netcom.com