CDR: Re: Is kerberos broken?
BENHAM TIMOTHY JAMES
bentj93 at itsc.adfa.edu.au
Sat Sep 2 18:38:30 PDT 2000
>
> At 12:00 PM 8/31/00 -0400, Joseph Ashwood wrote:
> >No but I feel free to type a hundred or so, but that's beside the
> >point. The claim made was that anything a human can remember, a
> >computer can brute force, this was simply one very clear example that
> >it simply was not true, as I rather thoroughly established.
>
> Anything large that a human can remember has enough structure so that you
> don't need brute force, you use a dictionary-based attack.
A human can easily remember 26 random letters from a 32 character
alphabet with a little mnemonic method (eg map each character to a
word so that it makes up some sort of dumb story). 5*26==130 which
is more bits than computers can currently exhaust over.
More information about the cypherpunks-legacy
mailing list