1994-07-04 - Re: Password Difficulties

Header Data

From: Hal <hfinney@shell.portal.com>
To: cypherpunks@toad.com
Message Hash: dbcb2644272e4c3f3c3143c951847aaf907c8afe87753017a285ee79c182d7c2
Message ID: <199407040055.RAA15180@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1994-07-04 00:53:54 UTC
Raw Date: Sun, 3 Jul 94 17:53:54 PDT

Raw message

From: Hal <hfinney@shell.portal.com>
Date: Sun, 3 Jul 94 17:53:54 PDT
To: cypherpunks@toad.com
Subject: Re: Password Difficulties
Message-ID: <199407040055.RAA15180@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


(I tried posting on this a couple of days ago, but I never saw the
message.  Apologies if this is a rehash.)

Kent Borg makes a good point that our 128-bit IDEA keys are generated by
pass phrases of typically a few dozen bits.  He suggests doing things to
slow down the process of turning a pass phrase into a key, perhaps by
iterating MD5 multiple times.  A similar thing is done in the SecureDrive
software as well as in RSA's Public Key Cryptography Standards (PKCS).

The problem is that this doesn't help all that much.  If you slow down
the process by, say, a factor of 1000, that is about equivalent to adding
10 bits of entropy to the pass phrase (either way would slow down the
searcher by that much).  10 bits is perhaps nothing to sneeze at but it
doesn't really solve the problem.  I suspect that Kent is right that most
pass phrases don't have over 50 or 60 bits of entropy, far below the 128
bits of protection that we like to think IDEA is giving us.

Hal
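
[Added example, not part of Hal's message and not code from PGP, SecureDrive or PKCS: a Python sketch of the arithmetic above. The iterated-MD5 construction, the function names and the sample pass phrase are assumptions made for illustration; it also goes one step further and computes how many iterations stretching alone would need to reach 128 bits.]

```python
import hashlib
import math

KEY_BITS = 128  # IDEA key size discussed in the message


def stretch_key(passphrase: str, iterations: int) -> bytes:
    """Derive a 128-bit key by iterating MD5 (illustrative construction only)."""
    if iterations < 1:
        raise ValueError("iterations must be >= 1")
    digest = hashlib.md5(passphrase.encode("utf-8")).digest()
    for _ in range(iterations - 1):
        digest = hashlib.md5(digest).digest()
    return digest  # 16 bytes = 128 bits


def effective_bits(entropy_bits: float, iterations: int) -> float:
    """Each guess costs `iterations` hashes, worth log2(iterations) extra bits.

    Capped at the key size: past that, searching the key space directly is cheaper.
    """
    return min(KEY_BITS, entropy_bits + math.log2(iterations))


def iterations_to_reach(entropy_bits: float, target_bits: float = KEY_BITS) -> int:
    """Iteration count needed for stretching alone to close the gap to target_bits."""
    return 2 ** max(0, math.ceil(target_bits - entropy_bits))


def report(entropies=(40, 50, 60), counts=(1, 1000, 2**20)):
    """Rows of (pass phrase entropy, iterations, effective bits)."""
    return [(e, n, round(effective_bits(e, n), 2)) for e in entropies for n in counts]


if __name__ == "__main__":
    # Constructed sample pass phrase, used only to show the derivation runs.
    key = stretch_key("constructed sample pass phrase", 1000)
    print(f"{len(key) * 8}-bit key: {key.hex()}")
    for entropy, count, bits in report():
        print(f"{entropy:>3} bits of entropy, {count:>8} iterations -> {bits:6.2f} effective bits")
    print("iterations to lift 60 bits to 128:", iterations_to_reach(60))
```

The legitimate user pays the same per-derivation cost as the searcher, so the iteration count is bounded by what is tolerable at each pass phrase entry; the last line shows how far that is from closing the gap.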




