Passphrase entropy (was Re: Symmetric encryption)

[vedaal at hush.com]

>Message: 6
>Date: Tue, 26 Oct 2004 14:51:21 -0500
>From: "Ryan Malayter" <rmalayter at bai.org>
>Subject: RE: Passphrase entropy (was Re: Symmetric encryption)
>To: <gnupg-users at gnupg.org>
>Message-ID: <792DE28E91F6EA42B4663AE761C41C2A03164A74 at cliff.bai.org>
>Content-Type: text/plain;	charset="us-ascii"

 [...]

>So we need 19.5 characters to get 128 bits of entropy in our pass
>phrase. Since you can't enter half-characters, you really need a
>20
>character pass phrase.
>
>Any non-randomness you add to the process (using real words, using
>the
>first letters of each word from a sentence, for example) severely
>decreases the amount of entropy per character. English prose has
>about
>1.5 bits of entropy per character, which means you'd need an
>86-character pass phrase of English text to get 128 bits of entropy.
>That's a lot to remember.

alternatively,

a 10 word diceware passphrase (40 -50 characters)has about the same security
as a 128 bit symmetrical cipher,

and a 20 word diceware passphrase (80 -100 characters),
would correspond to a 256 bit cipher


there are 7776 words in the diceware (english) list

(btw, AGR will gladly post links on his page to anyone who wants to provide
non-english equivalent diceware lists)

estimate this as 8000, or (2^3)(10^3)

and as 2^10 (1024) approx. = (10^3),
so, further approximate this as (2^13),

(2^128) approx. = 2^(13 x 10)
 
(2^256) approx. = 2^(13 x 20) 


the diceware passphrases are random, and not difficult to remember,
(but may be difficult to type accurately from the commandline,
when you can't see what you're typing and where you're holding ;-) )

vedaal



Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program: 
http://www.hushmail.com/about-affiliate?l=427