CDR: Re: Is kerberos broken?

[Sampo A Syreeni]

On Fri, 1 Sep 2000, Steven Furlong wrote:

>I used to work for a full-text indexing company. (So I can argue from
>a position of authority, and you can't dispute anything I say. ;-) )
>The problem of indexing and matching text is not a hard problem in the
>mathematical sense, but it quickly becomes computationally gruesome.

I know, I know. No essential difference between text and pure binary data
except a more limited alphabet and even lower mean entropy per symbol sent.

>For myself, I often use as pass phrases memorized phrases from
>literature. Which ones? Well, I read four languages, and I do the
>number/letter and symbol/letter substitutions, so I feel secure even
>revealing that clue.

Good for you. Most people never go to even that much trouble. But I still
think that dictionary searches on, say, all consequtive subsequences of
6-200 characters in the top 100 most likely to have been read books of a
given adversary, with common variations (suppression of punctuation, all
upper and lower case, adjunction of numbers below from 0-999 in the
beginning and end of the phrase, all caps with first capital and vice versa,
for the phrase and all words etc.) does not get too hard too fast,
especially if we have statistics of people's habits which allow us to work
the more likely candidates (like all lower case with little extra
changes) first. And it *is* likely to work for the majority of adversaries.

I also conceed to your point: serious crypto buffs like most people on this
list would probably have little to fear from such attacks...

Sampo Syreeni <decoy at iki.fi>, aka decoy, student/math/Helsinki university