17 Dec
2003
17 Dec
'03
11:17 p.m.
There's an interesting issue here: is it feasible to construct an enumeration based on the 50-60 bits of information?
This does present some problems to an attacker. There's a tradeoff between the effective key length and the complexity of the enumerator to generate these keys. The fancier the model, the lower the passphrase entropy, but the harder -- and slower -- it becomes to use. This all seems hard to quantify, though. Eli ebrandt@hmc.edu