DM-Crypt Archive on lore.kernel.org
 help / color / mirror / Atom feed
From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] luksFormat Password Entropy
Date: Thu, 19 Aug 2010 20:35:32 +0200	[thread overview]
Message-ID: <20100819183532.GB22363@tansi.org> (raw)
In-Reply-To: <20100819142817.GA12238@fancy-poultry.org>

On Thu, Aug 19, 2010 at 04:28:17PM +0200, Heinz Diehl wrote:
> On 19.08.2010, Michael Matczynski wrote: 
> 
> > For luksFormat, is there a difference in password strength between the
> > following two passwords?
>  
> > 1.) <256bitsecret>
> > 
> > 2.) <256bitsecret> | base64
> 
> Yes, if both passwords have the same length and you choose a 
> password which 
> is built upon a base of at least more than 64 different chars.

The latter is no needed. base64 is an Isomprphism and as such
does not change total string entropy, regardless of input.
And the crypto-hash just cares about the entropy, not ho
it is encoded.

> The password strength (entropy) is calculated this way,
> 
>  B = ((L * log P) / log 2)

Hmm. I have 

   B[bit] = L * b[bit]        // L symbols
and 
   b[bit] = log2(P)           // entropy/symbol, all symbols equally probable
i.e.
   B[bit] = L * log2(P) 
          = L * ln(P) / ln(2)

Ok, matches. Although I find B = L * log2(P) easier to remember.
   
> where B is the entropy in bits, L is the length of the password, 
> and P is the amount of possible different chars (the "pool"). 
> So if you choose base64, P will always be 64, 

No, actually, the input can restrict P to something smaller.
Your formula only holds for equally probable symbols, with
probabilitoes independent. Symbols that do not show up (or
do no show up in specific locations) are not equally probable 
anymore...

> and if you choose a password which e.g. includes A-Za-z0-9
> of random chars as %!"/(] (and so on), P will be higher, 
> thus resulting in a higher strength of the overall password. 
>
> As long as you choose a password with P > 64, it will be stronger.

Yes, but if you coose a password with higher P, it will
be stronger. Nothing special about P=64. 


Arno

-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

  parent reply	other threads:[~2010-08-19 18:35 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-08-18 20:11 [dm-crypt] luksFormat Password Entropy Michael Matczynski
2010-08-19 13:54 ` Arno Wagner
2010-08-19 14:28 ` Heinz Diehl
2010-08-19 15:23   ` Heinz Diehl
2010-08-19 18:35   ` Arno Wagner [this message]
2010-08-21  7:30     ` Heinz Diehl
2010-08-21 17:41       ` Arno Wagner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20100819183532.GB22363@tansi.org \
    --to=arno@wagner.name \
    --cc=dm-crypt@saout.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox