1995-02-02 - Re: How much entropy in a key press?
Header Data
From: Adam Shostack <adam@bwh.harvard.edu>
To: Nobody@eniac.ac.siue.edu (Anonymous)
Message Hash: 319a0401d64db3d8511735a1dee821723fec62dbed097599403e6c54787d0385
Message ID: <199502021639.LAA15114@hermes.bwh.harvard.edu>
Reply To: <199502021456.IAA01951@eniac.ac.siue.edu>
UTC Datetime: 1995-02-02 16:37:22 UTC
Raw Date: Thu, 2 Feb 95 08:37:22 PST
Raw message
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 2 Feb 95 08:37:22 PST
To: Nobody@eniac.ac.siue.edu (Anonymous)
Subject: Re: How much entropy in a key press?
In-Reply-To: <199502021456.IAA01951@eniac.ac.siue.edu>
Message-ID: <199502021639.LAA15114@hermes.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain
Shannon estimates roughly 1 bit per character of English.
RFC 1750 D. Eastlake, S. Crocker, J. Schiller,
"Randomness Recommendations for Security" is probably useful.
Adam
| Can anyone tell me how many bits of entropy there are per 7-bit ASCII
| character. More specifically, a program wishes to generate a session
| key by prompting the user to type N random key presses. The characters
| entered are hashed down to 128 bits by MD5 for subsequent use as a key.
|
| What should the value of N be, such that the entropy of the user's
| string does not unnecessarily exceed the entropy of the hash?
|
|
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
Thread
Return to February 1995
- Return to “Adam Shostack <adam@bwh.harvard.edu>”
- Return to “Nobody@eniac.ac.siue.edu (Anonymous)”
Return to “Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>”
- 1995-02-02 (Thu, 2 Feb 95 07:04:00 PST) - How much entropy in a key press? - Nobody@eniac.ac.siue.edu (Anonymous)
- 1995-02-02 (Thu, 2 Feb 95 08:37:22 PST) - Re: How much entropy in a key press? - Adam Shostack <adam@bwh.harvard.edu>
- 1995-02-03 (Thu, 2 Feb 95 18:26:52 PST) - Re: How much entropy in a key press? - Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>