On Sun, Sep 27, 2015 at 16:15:34 CEST, Michael Kjörling wrote: > On 27 Sep 2015 16:08 +0200, from arno@xxxxxxxxxxx (Arno Wagner): > >> Whether is 'cleft cam synod lacy yr wok' more secure than 'nXRUzbL6' (a > >> random 'pwgen' generated password)? > > > > Also refer to FAQ Item 5.1. The first pasphrase will have something > > like 13...29 bits of entropy, > > Now I'm curious. Given that 6 × log2(6^5) ~ 77.6, and Diceware uses a > 6^5 word dictionary, how did you arrive at the range 13 through 29 > bits of entropy? > > Note that even when using the English Diceware word list, you cannot > assume the same entropy per character or word as in English prose > precisely because the advice for generating Diceware passphrases > specifically suggest _repeating the process_ if one ends up with a > passphrase that actually makes sense. I have no idea what Diceware does, and there was no reference to this being a Diceware-generated passphrase. If it is, the calculation is different. Ok, judging from their website: 8000 words gives them 13 bit per word. Ok, with that they are at 77 bits for said passphrase, which is much better and likely secure. The difference to ordinary words is most likely due to them having chosen words far shorter than is average in english. Regards, Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. -- Plato If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
