1996-11-13 - A question about PGP Pass phrases.

Header Data

From: snow <snow@smoke.suba.com>
To: tcmay@got.net (Timothy C. May)
Message Hash: 1dfad1fd8d790055d0f88e1f3fa77495c2b936cab5012ab3d8a3432e6e58359a
Message ID: <199611130715.BAA00511@smoke.suba.com>
Reply To: <v03007802aea93092c562@[207.167.93.63]>
UTC Datetime: 1996-11-13 07:01:14 UTC
Raw Date: Tue, 12 Nov 1996 23:01:14 -0800 (PST)

Raw message

From: snow <snow@smoke.suba.com>
Date: Tue, 12 Nov 1996 23:01:14 -0800 (PST)
To: tcmay@got.net (Timothy C. May)
Subject: A question about PGP Pass phrases.
In-Reply-To: <v03007802aea93092c562@[207.167.93.63]>
Message-ID: <199611130715.BAA00511@smoke.suba.com>
MIME-Version: 1.0
Content-Type: text/plain


Mr. May said:
> years). However, a properly memorized passphrase, of sufficient length and
> entropy to make exhaustive search impractical, and proper "crypto hygiene"
> will go a long way toward making such raids ineffective.

     A very basic question then:

     What _would_ be a passphrase of sufficient length and entropy? 

     I would assume that the phrase "Off we go, into the while blue yonder"
would not be sufficient, but what about "0ff they went, in'ta the black viod"?

     I would guess that either would be difficult to out right guess, but the 
second would be considerably less likely. Not as unlikely as 
"KIB&^%(*h89hgv&*hjV6*ibHF&90n", but a hell of a lot easier to remember.

    It has been several months since I read the PGP users guide, and I don't 
remember any discussion of that in it, but I could be wrong. 


Petro, Christopher C.
petro@suba.com <prefered for any non-list stuff>
snow@smoke.suba.com





Thread