Passphrase generation
Hi, I am wanting to learn how to generate a passphrase that is at least as strong as the IDEA algorithm. I have looked several other places on the web for an answer to this, but they all had different things to say that didn't add up (no pun intended :). The IDEA algorithm it seems is 2^128 = 3.402823669209e+38 = 16 bytes (charactors). The charactor count seems kinda small (I am presuming the 16 charactors are truely random). Indeed, 128(ASCII charactor set)^16 = 5.192296858535e+33. Is my thinking right here? Is it better to do this- 94(printable ASCII set)^20 = 2.901062411315e+39, yielding 20 charactors? Also, if you come up with a phrase and put enough (perhaps 5 or 6) ASCII nonsense in there for it not to be in any crack dictionaries, how random is that? Is it only as random as the extra charactors you put in? How would you calculate that? Also, how many charactors do you have to add of a set to add its permulations (i.e. Does gibber&sh add all ASCII symbols to the equation)? Thanks, Internaut
-----BEGIN PGP SIGNED MESSAGE----- Internaut <unde0275@frank.mtsu.edu> writes:
Hi, I am wanting to learn how to generate a passphrase that is at least as strong as the IDEA algorithm. I have looked several other places on the web for an answer to this, but they all had different things to say that didn't add up (no pun intended :).
Chech out the cannonical passphrase FAQ: http://www.stack.nl/~galactus/remailers/passphrase-faq.html This one has some quick reminders of what to do and not to do http://www.encryption.com/pphrase.htm Bottom line, totally random ASCII will have lots of bits per character, but english has about 1.2 bits per character. Misspellings can add to that, depending on the extent of mutillation . Combining certain words can make your passphrase weaker (such as "To be or not to be," "This is my passphrase," etc.). HTH, Jer "standing on top of the world/ never knew how you never could/ never knew why you never could live/ innocent life that everyone did" -Wormhole -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQB1AwUBMv48Bskz/YzIV3P5AQGSaQMAjrTuhDUZ4THFFN9wgV8DhODJtHSGnmBM EPmo02rXsN4gslmVpV9+k7sRTOvuZ+vCYvNQL+knaMz4QiNsz8FUleUqo3v5Nx1w 7pJjcWK1wvKe9Y6ky6PXnAECRZ73gVuj =P1Zh -----END PGP SIGNATURE-----
participants (2)
-
Internaut -
Jeremiah A Blatz