[messaging] Peerio

Joseph Bonneau jbonneau at gmail.com
Fri Jan 16 19:14:58 PST 2015


On Fri, Jan 16, 2015 at 10:07 PM, Watson Ladd <watsonbladd at gmail.com> wrote:

> On Fri, Jan 16, 2015 at 4:07 PM, Joseph Bonneau <jbonneau at gmail.com>
> wrote:
> Furthermore, estimates of the entropy of any user entered text are
> likely to be wildly high. How many people are going to enter in the
> first line of Ozymandias, or Ulysses, or some other memorable book?
> We've done the experiment with brain wallets for bitcoin already:
> didn't look so good.


I actually have published quite extensively about this :-) Estimates of
password strength are indeed usually high (and as an important aside,
Shannon entropy is completely the wrong metric, I would recommend simply
using min-entropy among several possible metrics.)

I was under the impression this is not a user-chosen password by a
randomly-chosen list of words, in which case estimates are dead on.

>> More and more systems are using scrypt for password hashing.  Does
> >> anyone know the state-of-the-art in scrypt cracking?
>
> With a slight change to the masks, could use local generation of
> password guesses to remove bandwidth barrier. What about FPGA?
>

This is feasible if you're doing very simple brute force (e.g. all 12
character printable ASCII strings) but if you're using any more
sophisticated algorithm to generate more likely guesses based on known
structures common in passwords, local generation is going to make the ASIC
design considerably more complicated.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20150116/9a1af01a/attachment.html>


More information about the Messaging mailing list