On Sun, Dec 26, 2021 at 2:02 AM grarpamp <grarpamp@gmail.com> wrote:
Oops, wrong table, actually...
The range [a-z0-9] yields... 8c = 41b , 13c = 64b , 16c = 80b ... 25c = 128b
The range of 95 printable chars yields... 8c = 52b , 10c = 64b , 13c = 80b ... 20c = 128b
Obviously peoples's 8 char constructs are often worse than that, and few users will remember the 20+ random chars required to match 128bit crypto.
/usr/dict/words has roughly 220-250k entries, which is a much larger range that people think is great since now only 8 things (not 20+) are needed to beat 128 bits... 8w = 128b , 15w = 256b
Until they realize that memorizing even 8 drafted at true random from that can potentially be difficult...
f=words ; for w in $(jot 8 1) ; do echo -n "$w:" ; l=$(jot -r 1 1 $(wc -l $f | awk '{print $1}')) ; grep -n . $f | grep "^$l:" ; done | sed 's,:.*:,:,'
1:philologue 2:hypermakroskelic 3:misogynic 4:Platycercus 5:unapprehensiveness 6:stare 7:Hippolytidae 8:henotheism
So they start trying to cut the range down in various ways, often by regenerating until they get something they like which is really composed of a much smaller virtual brain range, or by ways like using from only the 4 to 8 char word size...
f=words ; for s in $(jot $(wc -L $f | awk '{print $1}') 1) ; do echo -n "$s:" ; egrep "^.{$s}$" $f | wc -l ; done | grep '^[4-8]:'
[snip]
Which leaves a range of roughly 85k words, which when combined with other cuts "sensemaking" and "memory easing", will remove available entropy, thus driving up the word count needed to match 128 bit equivalence.
12 words randomly chosen from the 1700 most popular words will yield 128 bits, 13 from 1000, 11 from 3200, 8 from 66000, etc.
It's assumed no one has ever cracked 128-bit anything, so less than that might still be available, for lifetime purposes, by seeing if whatever has been cracked to date, plus a nice safety margin of say 32 bits or whatever bumps it out beyond need.
Yes, understand, but remembering a 'story' is IHMO the same as remembering a poem we've learned at school.
Not necessarily because to actually achieve the expected entropy the "made-up story" must be unlimited to choosing words which can represent the random chars, from a sizable range, which can yield a degree of nonsense. Human language is not random, it is constrained to using only words and structures that make sense, thus we have books, and to lesser sense art such as poem, lyric, etc.
Then there are... https://www.youtube.com/watch?v=9X0F1Qjn0Ac Things you never see And things Ratboi says like... "As soon as I put this hot poker in my ass I'm going to chop my dick off!" But since he already said and did that, best not use it as a passphrase.
And now with AI able to assemble words according to human language structures, and dump them through ASIC powered crack engines, relying only on simplistic made-up stories might not be sufficient either. For example, if your respective substitution range is only 95 words, you need 20+, same as if your story is kinder-school level.
Beating the machines requires modelling combinations of a variety of elements and calculating estimates of the real entropy expected from what methods are being used.
Quantum or not, entropy is hard for the human brain to manage. A few people have more luck than others...
Sorry for the full quote, and thanks for your detailed reply. Much appreciated!
And after a good run in with Dr. Rubberhose, you might not even remember your name.
As you may know, Dr. Rubberhose and his team have only valid work permits for the United States and the United Kingdom ... Regards Stefan