[4191] in cryptography@c2.net mail archive
Re: Strengthening the Passphrase Model
daemon@ATHENA.MIT.EDU (Dianelos Georgoudis)
Thu Feb 11 14:25:46 1999
Date: Thu, 11 Feb 1999 07:03:09 -0600
From: Dianelos Georgoudis <dianelos@tecapro.com>
To: cryptography@c2.net
Reply-To: dianelos@tecapro.com
X-Return-Receipt-To: dianelos@tecapro.com
On Wednesday, February 10, 1999 16:17:48 -0500 (EST) you wrote:
>I think the best thing would be to display about 10 - 20 random diceware
>words and let the user construct a phrase out of them that (s)he finds
>reasonably easy to recall.
>
>For instance: dwarf nutmeg ale delta cb tans riot saint polka
>
>"nutty meg and the saint caused a dwarf polka riot"
>
>This has at least 64 bits of entropy, and probably a lot more (but the
>rest is hard to measure). Or even, "... the saint of ale ...."
I expound a similar idea (with tables for computing the resulting entropy,
etc)in www.tecapro.com/makepass.htm
Here you will find a free pass phrase constructor program as well as a free
list of common and short English words. Our list is shorter (4096 words) than
diceware's but its words are more common and easier to remember.
Recently we have been developing a personal key manager (it uses 3 key 3DES,
Blowfish and GodSave - an "overkill" style cipher developed by us). What is
nice about this product is that it integrates seamlessly with any Windows
application asking for a password. Please send me an email if you would like
to get a beta to play with.
>> 3. PGP should be available on a bootable CD-ROM for the major platforms.
>
>As others have pointed out, no one would reboot to use PGP. 'Nuff said.
It would be nice to have the option though. The bootable CD-ROM should include
an email-client that does not use any of the hard disk based OS, correct?
Dianelos Georgoudis
email: dianelos@tecapro.com
http://www.tecapro.com
