[21489] in cryptography@c2.net mail archive
Re: passphrases with more than 160 bits of entropy
daemon@ATHENA.MIT.EDU (Thierry Moreau)
Wed Mar 22 08:38:03 2006
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 22 Mar 2006 07:28:38 -0500
From: Thierry Moreau <thierry.moreau@connotech.com>
To: "Travis H." <solinym@gmail.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <d4f1333a0603211244m71a124b6pe072154d7b731d53@mail.gmail.com>
Travis H. wrote:
> Hi,
>
> Does anyone have a good idea on how to OWF passphrases without
> reducing them to lower entropy counts? That is, I've seen systems
> which hash the passphrase then use a PRF to expand the result --- I
> don't want to do that. I want to have more than 160 bits of entropy
> involved.
>
More than 160 bits is a wide-ranging requirement.
Entropy is a highly discussed unit of measure.
Anyway, keep it simple, use a larger hash: SHA-256, SHA-512, or for hash
with user-selectable size, MASH:
International standard document ISO/IEC 10118-4:1998, Information
technology - Security techniques - Hash-functions - Part 4:
Hash-functions using modular arithmetic
Regards,
--
- Thierry Moreau
CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, Qc
Canada H2M 2A1
Tel.: (514)385-5691
Fax: (514)385-5900
web site: http://www.connotech.com
e-mail: thierry.moreau@connotech.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
