[8239] in cryptography@c2.net mail archive


Re: migration paradigm (was: Is PGP broken?)

daemon@ATHENA.MIT.EDU (Bill Stewart)
Sun Dec 10 03:49:51 2000

Message-Id: <3.0.5.32.20001208075834.00a0e350@idiom.com>
Date: Fri, 08 Dec 2000 07:58:34 -0800
To: reinhold@world.std.com
From: Bill Stewart <bill.stewart@pobox.com>
Cc: cryptography@c2.net, William Allen Simpson <wsimpson@greendragon.com>
In-Reply-To: <4.3.2.7.0.20001206152508.00acd720@mailhost.sctc.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"

At 03:43 PM 12/6/00 -0600, Rick Smith at Secure Computing wrote:
>At 05:04 PM 12/5/00, Ray Dillinger wrote:
>
>>If someone wants to enter "sex" as a password, s/he deserves
>>what s/he gets (although you may put up an "insecure passphrase"
>>warning box for him/her).
>
>The problem is that there's no objective way of knowing when a passphrase 
>becomes 'insecure' since it depends on the amount of effort an attacker 
>wants to spend trying to crack it. Going after Bill Gates' passphrase may 
>yield more value than, say, my 12-year-old son's passphrase.

A more important problem with passphrase-based keys is collisions -
two people picking wimpy passwords can end up with the same keys.
This means that you need to use something besides the key to differentiate
between the users.  It's not always a problem - if you've got your
database of known public keys sorted by email address, it's ok,
but if you've got it sorted by public key, you may have a problem.


				Thanks! 
					Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639
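
The collision described in the message above, as an added example that is not part of the original post or of any PGP code: two users who choose the same passphrase get the same deterministically derived key, so an index sorted by key cannot tell them apart while an index sorted by email address can. Assumptions: the derivation scheme, the names derive_key_id and build_indexes, the sample users, and the salted variant (mixing the email address into the derivation) are all hypothetical, and a SHA-256 of the derived seed stands in for a real public key.

```python
import hashlib

ITERATIONS = 10_000             # kept low so the demo runs quickly (assumption)
SHARED_SALT = b"same-for-all"   # no per-user input: passphrase alone fixes the key


def derive_key_id(passphrase: str, salt: bytes = SHARED_SALT) -> str:
    """Derive a secret seed from the passphrase and return a key identifier.

    The hash of the seed stands in for the public key that a deterministic
    key generator would produce from that seed (hypothetical scheme).
    """
    seed = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS)
    return hashlib.sha256(b"public-key:" + seed).hexdigest()[:16]


def build_indexes(users, salted=False):
    """Index users by email and by key id; also return detected collisions."""
    by_email, by_key, collisions = {}, {}, []
    for email, passphrase in users:
        # Salted variant: the email address is mixed into the derivation.
        salt = email.lower().encode() if salted else SHARED_SALT
        key_id = derive_key_id(passphrase, salt)
        by_email[email] = key_id
        if key_id in by_key:
            collisions.append((by_key[key_id], email))  # one key, two owners
        else:
            by_key[key_id] = email
    return by_email, by_key, collisions


# Constructed sample data: two users pick the same weak passphrase.
USERS = [
    ("alice@example.com", "sex"),
    ("bob@example.com", "sex"),
    ("carol@example.com", "correct horse battery staple"),
]

if __name__ == "__main__":
    for salted in (False, True):
        by_email, by_key, collisions = build_indexes(USERS, salted)
        print(f"salted={salted}: {len(by_email)} users, "
              f"{len(by_key)} distinct keys, collisions={collisions}")
```

The salted variant only removes the collision between users; it does not make a weak passphrase any harder to guess.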

