50 characters ? (was RE: Man jailed over computer password refusal
ken
k.brown at bbk.ac.uk
Fri Oct 15 16:25:31 BST 2010
On 15/10/2010 15:56, James Firth wrote:
> On the crypto angle NIST recons the entropy in English language passphrases
> is so low that one needs over 50 characters to achieve 80-bit equivalent key
> strength.
>
> http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
>
> Of course the entropy significantly increases if one uses random
> capitalisation and illogical placing of alphanumerical characters, which
> then somewhat obviously can make the passphrase less memorable.
And of course poems and songs and assorted bits of memorable
literature don't help because the other side knows them too.
So as Leo Marks and others realised seventy years ago, there is
a genuine use - these days even a lucrative use - for bad
poetry. That should warm the hearts of sensitive
literary-minded 17-year-olds everywhere.
More information about the ukcrypto
mailing list