[7061] in cryptography@c2.net mail archive
Re: Automatic passphrase generation
daemon@ATHENA.MIT.EDU (Bill Stewart)
Thu May 11 13:53:47 2000
Message-Id: <3.0.5.32.20000510181246.0096ae40@idiom.com>
Date: Wed, 10 May 2000 18:12:46 -0700
To: "Sergio Tabanelli" <sergio.tabanelli@fst.it>, <cryptography@c2.net>
From: Bill Stewart <bill.stewart@pobox.com>
In-Reply-To: <026201bfba64$01667110$256fa8c0@squalo.fst.it>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
At 11:42 AM 05/10/2000 +0200, Sergio Tabanelli wrote:
>Perhaps this can be out of topic, but recently I was involved in a
>discussion on metods to generate strong password starting from easy to
>remember word or sentence, there I proposed to use a private key to encrypt
>easy to remember words. Is this is a valid or applicable metod?
>
>[Ex Nihil, Nihil. If you start with only the universe of easy words,
>the maximum entropy of your passphrase is is limited. Pull, stretch,
>squish and mangle it any way you like -- you cannot increase the
>entropy of something by a deterministic algorithm. You can at best
>obscure it well.... --Perry]
Steve Bellovin's Encrypted Key Exchange (EKE) and some related protocols
including A-EKE and SPEKE provide various ways to use a short shared secret
with random numbers and Diffie-Hellman to provide a stronger key exchange
than the shared secret alone could do. The main objective is to make it
safer to use human-rememberable passphrases with low risks from
attacks like dictionary search.
Thanks!
Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
