At 11:42 AM 05/10/2000 +0200, Sergio Tabanelli wrote:
>Perhaps this can be out of topic, but recently I was involved in a
>discussion on methods to generate strong passwords starting from easy to
>remember word or sentence, there I proposed to use a private key to encrypt
>easy to remember words. Is this a valid or applicable method?
>
>[Ex Nihil, Nihil. If you start with only the universe of easy words,
>the maximum entropy of your passphrase is limited. Pull, stretch,
>squish and mangle it any way you like -- you cannot increase the
>entropy of something by a deterministic algorithm. You can at best
>obscure it well.... --Perry]

Perry speaks the truth -- you can't use an algorithm to make a secret word
harder to guess. 

On the other hand, there are strategies to counter particular threats
against passwords containing low entropy (i.e. easy to remember passwords).
If you can control the risk of off-line attacks (i.e. theft of the password
file) then attackers are stuck performing on-line attacks. The system under
attack can usually detect on-line attacks and take countermeasures to
reduce the risk of a successful penetration.

A related strategy is to combine the simple secret with a larger, more
random secret. But this provides better security only if you can keep
attackers from stealing the larger secret. One approach is to embed the
larger secret inside a tamper resistant device like a smart card, and set
up a protocol that doesn't allow the secret to leak out. But there's still
the challenge of protecting the copy of the secret stored on the server.

These alternatives aren't perfect, they just rearrange the risk a bit and
pose different challenges to the attacker. But that's enough protection for
some environments.

Rick.
[EMAIL PROTECTED]
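
The entropy argument in this thread, worked through as an added example that is not part of the original messages. HMAC-SHA256 stands in for the "encrypt with a private key" step, and the word list, key size and function names are constructed for illustration.

```python
import hashlib
import hmac
import math
import secrets

# Constructed sample: a tiny universe of easy-to-remember words.
EASY_WORDS = ["sunshine", "dragon", "monkey", "letmein",
              "football", "shadow", "master", "qwerty"]

OUTPUT_HEX_CHARS = 24                  # derived password length (assumption)
OUTPUT_BITS = OUTPUT_HEX_CHARS * 4     # 96 bits of output space


def derive(word: str, key: bytes) -> str:
    """Deterministically map an easy word to a random-looking password."""
    digest = hmac.new(key, word.encode(), hashlib.sha256).hexdigest()
    return digest[:OUTPUT_HEX_CHARS]


def candidate_outputs(words, key: bytes) -> dict:
    """Every password the scheme can ever emit under one key.

    The mapping is deterministic, so there are never more outputs
    than there are input words, however random each output looks.
    """
    return {derive(w, key): w for w in words}


def guess_space_bits(words, key_bits: int, key_known: bool) -> float:
    """Bits of uncertainty left for someone guessing off-line.

    The word contributes log2(len(words)) bits. The key contributes
    its own bits only while it stays secret. The total cannot exceed
    the size of the output space.
    """
    bits = math.log2(len(words)) + (0 if key_known else key_bits)
    return min(bits, float(OUTPUT_BITS))


if __name__ == "__main__":
    key = secrets.token_bytes(16)      # the "larger, more random secret"
    print("looks strong:", derive("dragon", key))
    print("possible outputs:", len(candidate_outputs(EASY_WORDS, key)))
    print("key secret :", guess_space_bits(EASY_WORDS, 128, False), "bits")
    print("key stolen :", guess_space_bits(EASY_WORDS, 128, True), "bits")
```

With the key kept secret the derived password is as hard to guess as its 96-bit output space; once the key is copied, the uncertainty falls back to the 3 bits of the word list, which is why the storage of the larger secret carries the whole scheme.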