50 characters ? (was RE: Man jailed over computer password refusal

ken k.brown at bbk.ac.uk
Fri Oct 15 16:25:31 BST 2010

On 15/10/2010 15:56, James Firth wrote:

> On the crypto angle NIST recons the entropy in English language passphrases
> is so low that one needs over 50 characters to achieve 80-bit equivalent key
> strength.
> http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
> Of course the entropy significantly increases if one uses random
> capitalisation and illogical placing of alphanumerical characters, which
> then somewhat obviously can make the passphrase less memorable.

And of course poems and songs and assorted bits of memorable 
literature don't help because the other side knows them too.

So as Leo Marks and others realised seventy years ago, there is 
a genuine use - these days even a lucrative use - for bad 
poetry.  That should warm the hearts of sensitive 
literary-minded 17-year-olds everywhere.

More information about the ukcrypto mailing list