At 12:12 PM 12/10/2000 -0500, you wrote:
>
-------------------------------- snip ---------------------------------------
>
>Finally, I'd like to see software that employs passphrases offer to
>suggest a passphrase, rather than let the poor user sort through all
>the conflicting -- and often bad -- advice that is out there. After
>all, any public key system has to have a good source of true
>randomness. And if you don't trust that software, you shouldn't be
>giving it your passphrase under any circumstances.
>
>Arnold Reinhold
>
>
Arnold:
Document Security Manager has offered a 14 bits-per-word, known-entropy
nonsense-phrase generator in the Professional version's "change passphrase"
function for quite some time. See
http://www.CerberusSystems.com/INFOSEC/products/docusec.htm
It simply uses its ANSI X9.17c keystream generator to generate addresses
for an included 16K-word dictionary, similar to your Diceware concept. It's
hardly rocket science, and users seem to find it helpful in an unburdensome
way.
Albert P. BELLE ISLE
Cerberus Systems, Inc.
================================================
ENCRYPTION SOFTWARE with
Forensic Software Countermeasures
http://www.CerberusSystems.com
================================================
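
The scheme described in the reply above, sketched as an added example (this is not Document Security Manager's code). Python's `secrets` CSPRNG stands in for the ANSI X9.17 keystream generator, and a constructed 16384-entry syllable list stands in for the product's dictionary. Because 16K = 2^14, every 14-bit slice of keystream addresses exactly one word with no modulo bias, so the phrase entropy is simply 14 bits times the word count.

```python
import math
import secrets

WORD_BITS = 14                  # 2**14 = 16384 entries ("16K-word dictionary")
DICT_SIZE = 1 << WORD_BITS


def build_wordlist():
    """Constructed stand-in dictionary: 128 x 128 nonsense syllable pairs."""
    onsets = "bdfghjklmnprstvz"                              # 16 consonants
    vowels = ["a", "e", "i", "o", "u", "ai", "ou", "ee"]     # 8 vowel sounds
    syllables = [c + v for c in onsets for v in vowels]      # 128 syllables
    return [a + b for a in syllables for b in syllables]     # 16384 words


def addresses_from_keystream(stream, count):
    """Slice a keystream into `count` consecutive 14-bit dictionary addresses."""
    need = math.ceil(count * WORD_BITS / 8)
    if len(stream) < need:
        raise ValueError("keystream too short for requested word count")
    bits = int.from_bytes(stream[:need], "big")
    total = need * 8
    out = []
    for i in range(count):
        shift = total - (i + 1) * WORD_BITS      # take bits from the top down
        out.append((bits >> shift) & (DICT_SIZE - 1))
    return out


def suggest_passphrase(target_bits=70, stream=None, words=None):
    """Return (phrase, entropy_bits) with at least `target_bits` of entropy.

    `stream` is injectable only so the mapping can be checked with fixed bytes;
    in normal use it is left as None and drawn from the OS CSPRNG.
    """
    words = words or build_wordlist()
    if len(words) != DICT_SIZE or len(set(words)) != DICT_SIZE:
        raise ValueError("dictionary must hold exactly 2**14 distinct words")
    count = math.ceil(target_bits / WORD_BITS)
    if stream is None:
        stream = secrets.token_bytes(math.ceil(count * WORD_BITS / 8))
    idx = addresses_from_keystream(stream, count)
    return " ".join(words[i] for i in idx), count * WORD_BITS


if __name__ == "__main__":
    phrase, bits = suggest_passphrase(70)
    print(f"{phrase}   ({bits} bits)")
```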