AW: Passphrasecheckwebsites

Mortimer Graf zu Eulenburg Mortimer.Eulenburg@y-e-p.de
Thu May 30 10:32:01 2002 

Regardless of quality http://www.cnlab.ch/pwcheck/ provides a rough check
and gives you hint how long it would take to brute-force the phrase with a
Pentium 1 Gig.

They also analyse the phrase if it consists of well known words or often
used characters.

Hope it helps, the site is in German but well understandable for english
imho.

Mortimer

->-----Ursprüngliche Nachricht-----
->Von: gnupg-users-admin@gnupg.org [mailto:gnupg-users-admin@gnupg.org]Im
->Auftrag von Ryan Malayter
->Gesendet: Mittwoch, 29. Mai 2002 19:01
->An: jed mallen; gnupg-users@gnupg.org
->Betreff: RE: (no subject)
->
->
->-----BEGIN PGP SIGNED MESSAGE-----
->Hash: SHA1
->
->
->From: jed mallen [mailto:jedmallen@hotmail.com]
->>A passphrase-strength-analyzer anyone?
->
->This is nearly impossible, unless the method for generating the pass
->phrase is known, or a standard method for pass phrase generation,
->like the one at www.diceware.com, is used.
->
->For example, the pass phrase "Ryan is great" isn't very high-quality
->if it's mine, since my first name is Ryan. If it's your pass phrase,
->the pass phrase is a bit better, but still no better than 53 bits of
->entropy: 3*log2(250000). This is because there are about 250000
->English words, and you're using three of them.
->
->If your pass phrase is composed of random characters, the formula for
->bit strength is simple: N*log2(M), where N is the number of
->characters in the passphrase, and M is the number of allowed
->characters. For a U.S. keyboard and a 12 character passphrase, this
->works out to about 12*log2(95), or 79 bits of entropy - about
->equivalent to the 1024-bit private key it protects.
->
->	-ryan-
->
->::::::::::::::::::::::::::::::
->A fanatic is one who can't change his mind and won't change the
->subject.
->        -Sir Winston Churchill
->
->-----BEGIN PGP SIGNATURE-----
->Version: GnuPG v1.0.6-2 (MingW32) - WinPT 0.5.7
->Comment: For info see http://www.gnupg.org
->
->iEYEARECAAYFAjz1CUIACgkQ9wZiZHyXot7qigCg+1YzB9aA/wHTbQP+nOiw+PA5
->q6gAnjSLCnMIhSDi3TNt8e74akxxTMNj
->=92oP
->-----END PGP SIGNATURE-----
->
->_______________________________________________
->Gnupg-users mailing list
->Gnupg-users@gnupg.org
->http://lists.gnupg.org/mailman/listinfo/gnupg-users
->