From: Rich Burroughs <richieb@teleport.com>
To: cypherpunks@toad.com
Message Hash: 5e35b79ed7042c44aff56640130853231658ea69b78451bcc0c8740409ca04e0
Message ID: <Pine.SUN.3.92.960721111918.11352A-100000@julie.teleport.com>
Reply To: <2.2.32.19960721172615.006e6a64@mail.sd.cybernex.net>
UTC Datetime: 1996-07-21 20:44:05 UTC
Raw Date: Mon, 22 Jul 1996 04:44:05 +0800
From: Rich Burroughs <richieb@teleport.com>
Date: Mon, 22 Jul 1996 04:44:05 +0800
To: cypherpunks@toad.com
Subject: Re: Length of passphrase beneficial?
In-Reply-To: <2.2.32.19960721172615.006e6a64@mail.sd.cybernex.net>
Message-ID: <Pine.SUN.3.92.960721111918.11352A-100000@julie.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain
On Sun, 21 Jul 1996, Erle Greer wrote:
[snip]
> I have a 2048-bit PgP key and pseudorandom a/n character
> generator, from which I chose a large passphrase similar to:
>
> f4VnI1G1mGcwTZ1vGoyPwN4NLojF8Ee9ff1aicOGn87x0nwwHhJUo6XSYKEawRne
> (Yes, cut-n-paste, but my only in-house threat is my wife.)
Ugh. Erle, you might want to check out the Diceware method for generating
passphrases. It lets you generate a lengthy passphrase that is random and
that you might actually be able to remember :)
I don't have a URL handy, but if you go to Altavista and search for
"diceware" you should find it... It might be indexed at Yahoo, too...
> Actual Question:
> Does the length and randomness of a passphrase contribute at all
> to the overall security of a cryptosystem?
Actual short answer: yes :)
Look for the passphrase FAQ, for a better explanation than I can give...
______________________________________________________________________
Rich Burroughs richieb@teleport.com http://www.teleport.com/~richieb
See my Blue Ribbon Page at http://www.teleport.com/~richieb/blueribbon
New EF zine "cause for alarm" - http://www.teleport.com/~richieb/cause
Return to July 1996
Return to “Rich Burroughs <richieb@teleport.com>”