Perhaps keyspace analysis and randomness analysis should be done from a Bayesian technique, with the the potential perspective of the cracker, or your estimate of the potental prospective of the cracker as a priori conditions. Hamlet could well qualify as a random string, however if your cracker was using 'Great Books of Western Civ' as a dictionary source, it would not be so good. ----------------------------------------------------------------------- Jay Holovacs <holovacs@ios.com> ----------------------------------------------------------------------- PGP Key fingerprint = AC 29 C8 7A E4 2D 07 27 AE CA 99 4A F6 59 87 90 On Wed, 17 Apr 1996, Simon Spero wrote:

On Wed, 17 Apr 1996, Mark Rogaski wrote:

...

Is it possible to find a percentage of the key space to eliminate that will optimize security assuming that the attacker will try the easy stuff first (and is it possible to quantify "easy stuff")?

Hmmm- I think this could be interesting to study; if we treat the space of possible passwords as a non-uniform probability distribution (Zipfian?), and then transform it in such a way to be uniform (by having the probability of certain passwords being disqualified be based on their relative probability it should be possible to get a situation where all passwords are possible, and all have equal probability.