[4180] in cryptography@c2.net mail archive
Re: Strengthening the Passphrase Model (was Re: PGP compromised
daemon@ATHENA.MIT.EDU (Bill Frantz)
Wed Feb 10 14:09:53 1999
In-Reply-To: <v03130302b2e5f5da6f4e@[24.128.119.92]>
Date: Tue, 9 Feb 1999 23:11:43 -0700
To: "Arnold G. Reinhold" <reinhold@world.std.com>,
nelson@media.mit.edu (Nelson Minar), cryptography@c2.net
From: Bill Frantz <frantz@netcom.com>
I like your suggestions Arnold. However...
At 7:46 AM -0700 2/9/99, Arnold G. Reinhold wrote:
>2. PGP should burn computer time hashing the passphrase. While you cannot
>increase the entropy of a passphrase with an algorithm, you can make
>exhaustive search far more difficult.
This technique will be useful against most retail attacks. However, if
your attacker is snarfing as many secret keys as she can, then she can
check many keys against each hash, reducing the cost/key. In the limit,
she has been spending the last year calculating a table of hashes for all
the words/phrases in her dictionary, and storing them on disk.
In the case where PGP suggests a passphrase, perhaps it should suggest a
poem. People use poetry to remember and pass complex information long
before the invention of writing. People are good at memorizing poetry.
-------------------------------------------------------------------------
Bill Frantz | Macintosh: Didn't do every-| Periwinkle -- Consulting
(408)356-8506 | thing right, but did know | 16345 Englewood Ave.
frantz@netcom.com | the century would end. | Los Gatos, CA 95032, USA
