From: tcmay@got.net (Timothy C. May)
To: cypherpunks@toad.com
Message Hash: cdbb6236c9b309ab3d5b20c42382b22becdabe7463ab910da0c3eb71f2bcc200
Message ID: <ae1012b2000210044c67@[205.199.118.202]>
Reply To: N/A
UTC Datetime: 1996-07-16 06:31:35 UTC
Raw Date: Tue, 16 Jul 1996 14:31:35 +0800
From: tcmay@got.net (Timothy C. May)
Date: Tue, 16 Jul 1996 14:31:35 +0800
To: cypherpunks@toad.com
Subject: Re: Word lists for passphrases
Message-ID: <ae1012b2000210044c67@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain
At 5:33 PM 7/15/96, David Sternlight wrote:
>It is pretty easy to defend against dictionary attacks by using an expanded
>character set--mixed caps and lower case; numbers substituted for some
>letters according to easily-remembered personal rules.
>
>"Da5id" in "Snow Crash" by Neal Stephenson is an obvious example, since the
>"v" is a roman numeral 5. Another is the "Compuserve method" of inserting
>punctuation characters between words making up a password or key. Since the
>length of the words used is unknown to the cracker, this makes his job
>harder.
>
>That is--a dictionary which accomodates such things as the above will be
>pretty large. With the number rule, there would have to be 10 additional
>versions of the one-letter word, 10 versions of each leading character
>making up a two letter word, and then it starts increasing combinatorially.
>Might as well use brute force.
In a "universe" of n-character passwords, whatever length n is, the use of
English, German, Elvish, Klingon, whatever words can be looked as
"galaxies."
(That is, clusters in an otherwise uniform space.)
Thus, "David" is one of the galaxies, and ""Da5id," "david," "Daphid," etc.
are just some of the stars in this galaxy of "nearby" strings.
Calculations of entropy and all. Be very careful.
--Tim May
Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
Licensed Ontologist | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."
Return to July 1996
Return to “tcmay@got.net (Timothy C. May)”
1996-07-16 (Tue, 16 Jul 1996 14:31:35 +0800) - Re: Word lists for passphrases - tcmay@got.net (Timothy C. May)