List: cryptography
Subject: Re: Strengthening the Passphrase Model
From: David Jablon <dpj () world ! std ! com>
Date: 1999-03-18 17:30:12

At 01:03 AM 3/18/99 GMT, Ian Goldberg wrote:
> In article <v03130300b2e74ce2cecc@[24.128.119.92]>,
> Arnold G. Reinhold <reinhold@world.std.com> wrote:
>>>> 2. PGP should burn computer time hashing the passphrase. While you cannot
>>>> increase the entropy of a passphrase with an algorithm, ...

But, you can increase the entropy of a passphrase-derived
session key with a key amplifier. In a better situation,
this might help.

>> At 7:47 AM +0000 2/10/99, Antonomasia wrote:
>>>> From memory, Rivest and Wagner have a paper on crypto time locks [...]

Arnold:
>> ... I don't see how it applies here. Finding a passphrase by
>> exhaustive search is an inherently parallel problem.

Ian:
> Indeed; the more appropriate paper to read is "Secure Applications of
> Low-Entropy Keys." John Kelsey, Bruce Schneier, and David Wagner. 1997
> Information Security Workshop. ...

Stretching partially deters attack on stored data.
What you really want is to move your sensitive
password-derived data to a safer place.
And if you can't find that one perfect spot,
how about splitting the password-encrypted key,
keeping part on some hopefully-secure and available server,
and part locally? Then no one compromise permits
exhaustive search.

-- dpj