1996-07-21 - Re: Length of passphrase beneficial?

Header Data

From: Adam Shostack <adam@homeport.org>
To: vagab0nd@sd.cybernex.net (Erle Greer)
Message Hash: fa3035b543a6f3600d8ad03893e7a418b989c95df04ae7839ae0223ccb182fe4
Message ID: <199607212038.PAA20685@homeport.org>
Reply To: <2.2.32.19960721172615.006e6a64@mail.sd.cybernex.net>
UTC Datetime: 1996-07-21 21:53:17 UTC
Raw Date: Mon, 22 Jul 1996 05:53:17 +0800

Raw message

From: Adam Shostack <adam@homeport.org>
Date: Mon, 22 Jul 1996 05:53:17 +0800
To: vagab0nd@sd.cybernex.net (Erle Greer)
Subject: Re: Length of passphrase beneficial?
In-Reply-To: <2.2.32.19960721172615.006e6a64@mail.sd.cybernex.net>
Message-ID: <199607212038.PAA20685@homeport.org>
MIME-Version: 1.0
Content-Type: text



Erle Greer wrote:

| f4VnI1G1mGcwTZ1vGoyPwN4NLojF8Ee9ff1aicOGn87x0nwwHhJUo6XSYKEawRne
| (Yes, cut-n-paste, but my only in-house threat is my wife.)
| 
| Actual Question:
| Does the length and randomness of a passphrase contribute at all
| to the overall security of a cryptosystem?

	Not directly.  The SECRECY of a passphrase does contribute.
If you do not provide it to your attacker (in the form of a file on
your computer which a Microsoft Worm macro carried in a message might
send out, that the search party might find, etc), then the length and
difficulty of guessing protect you.

	For random text (I'll assume you're rolling dice) like that,
figure you get about 5 bits of entropy per character.  Your PGP secret
key is IDEA encrypted with a 128 bit key, so you don't need any more
than 30 characters of random text to get a passphrase space (or
universe, to use Tim's metaphor) thats harder to search than the
keyspace.

	I think its a poor assumption that your home won't be searched
if you're doing something that makes you want a 2048 bit key.  A
thousand bits of keylength should be good enough for most things that
don't need to stay secret more than 5-10 years.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






Thread