From: erik quanstrom <quanstro@quanstro.net>
To: 9fans@9fans.net
Subject: Re: [9fans] offered without comment or judgement
Date: Tue, 29 Jun 2010 15:32:28 -0400 [thread overview]
Message-ID: <cc46666fc01b510fb0ab8df960136c36@ladd.quanstro.net> (raw)
In-Reply-To: <AANLkTim_3pauNZbTQm-uyoWv0m09MaW8wPeKtdSLCVPG@mail.gmail.com>
> The length of the phrase is actually in fact tied explicitly to
> memory. The longer a string of characters, the more difficult it is to
> remember. That's just fact
repeating this doesn't make it true, but it does make
the phrase easier to remember. so i think your argument
is its own defeat. the gettysburg address is fairly easy for
me to remember. but i don't think i'd have such an easy
time on a randomly-choosen 285-word phrase.
clearly something this long is not necessary. i'm sure you
have made-up phrases with non-words you tell our dog.
that should be easy to remember, not on the internet, and
have the added bonus that you get to smile while typing your
password.
> When talking about symmetric cryptography, "four score and seven years
> ago" would probably be a great key. There is no convenient rainbow
> table upon which to do a hash lookup. It's sufficiently expensive to
> brute-force.
i'm not convinced of this. here's why. i was reading yesterday
about a research-project that built a machine that could try 1 billion
rsa keys/sec. now consider such a machine in the possession of bad
guys. for them it would make sense to harvest nearly every phrase
you can find on the internet and try it. the hard part would be
crawling the net.
- erik
next prev parent reply other threads:[~2010-06-29 19:32 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-06-28 22:32 ron minnich
2010-06-28 23:10 ` Ethan Grammatikidis
2010-06-29 2:28 ` Wes Kussmaul
2010-06-29 2:46 ` Stanley Lieber
2010-06-29 17:13 ` Wes Kussmaul
2010-06-29 17:27 ` Devon H. O'Dell
2010-06-29 18:30 ` Steve Simon
2010-06-29 18:41 ` Devon H. O'Dell
2010-06-29 18:57 ` erik quanstrom
2010-06-29 19:13 ` Devon H. O'Dell
2010-06-29 19:32 ` erik quanstrom [this message]
2010-06-29 20:00 ` Devon H. O'Dell
2010-06-30 11:28 ` erik quanstrom
2010-06-30 15:22 ` Wes Kussmaul
2010-06-30 16:22 ` Devon H. O'Dell
2010-06-29 20:09 ` Wes Kussmaul
2010-06-29 21:34 ` Steve Simon
2010-06-29 19:19 ` Wes Kussmaul
2010-06-29 3:46 ` erik quanstrom
2010-06-29 8:07 ` Akshat Kumar
2010-06-29 9:14 ` hiro
2010-06-29 9:17 ` erik quanstrom
2010-06-29 19:59 ` ron minnich
2010-06-29 13:43 ` Gabriel Díaz
2010-06-29 16:54 ` hiro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cc46666fc01b510fb0ab8df960136c36@ladd.quanstro.net \
--to=quanstro@quanstro.net \
--cc=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).