From: Gary Howland <gary@systemics.com>
To: “Timothy C. May” <tcmay@got.net>
Message Hash: a8636df44270b607390901882388f2629a5d4bb81351a7e939607bd3f7907083
Message ID: <31CA5F34.5656AEC7@systemics.com>
Reply To: <adef550a010210048c61@[205.199.118.202]>
UTC Datetime: 1996-06-21 20:48:44 UTC
Raw Date: Sat, 22 Jun 1996 04:48:44 +0800
From: Gary Howland <gary@systemics.com>
Date: Sat, 22 Jun 1996 04:48:44 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Safemail
In-Reply-To: <adef550a010210048c61@[205.199.118.202]>
Message-ID: <31CA5F34.5656AEC7@systemics.com>
MIME-Version: 1.0
Content-Type: text/plain
Timothy C. May wrote:
>
> I haven't seen this particular idea, but a general point to always bear in
> mind is that "entropy doesn't increase" (despite what you may have heard
> about that other kind of entropy....).
>
> To wit, if there are N bits of entropy in a passphrase (or whatever is the
> basic key, be it typed in, read from a floppy, whatever), then no amount of
> deterministic crunching by a PRNG (or whatever) will increase this.
>
> (I say "deterministic" in the sense that all parties presumably need to run
> the same PRNG and get the same output from the same "seed" (= passphrase,
> in this scheme). Thus, the PRNG cannot add additional randomness or
> entropy. Unless I am misunderstanding the proposal...)
>
> So, if the passphrase is 22 characters, as in the "Safemail" proposal (such
> as it is), that's all that can be gotten. Period. There just aren't enough
> "places" in the space of starting points. Anyone with access to the
> algorithms used to process the 22 characters (154 bits if 7 bits are used
> for each character) can brute force search the space in a relatively short
> time. (If the later processing algorithms are supposed to be "secret," then
> of course this a cryptographic faux pas of the first magnitude, usually
> dismissed as "security through obscurity.")
Generally agreed, but I would like to mention a couple of points. I would
argue that 154 bits of entropy is enough, but then I would also argue that
a 22 character passphrase is unlikely to generate these 154 bits of entropy.
Gary
--
pub 1024/C001D00D 1996/01/22 Gary Howland <gary@systemics.com>
Key fingerprint = 0C FB 60 61 4D 3B 24 7D 1C 89 1D BE 1F EE 09 06
Return to June 1996
Return to “tcmay@got.net (Timothy C. May)”