Bit in the hash table each word marks up to k bits

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: huge tables from a number of free sites •  Decent sized hashes make the rainbow table pre- computa'on space infeasible Calcula'ng Password System Strength using Time Anderson’s formula: •  P probability of guessing a password in specified period of 'me of length T •  G number of guesses tested in 1 'me unit •  T number of 'me units •  N number of possible passwords •  Then P = (TG/N) 26 Example •  Goal –  Passwords drawn from a 96- char alphabet –  Can test 104 guesses per second –  Probability of a success to no more than 0.5 over a 365 day period –  What is minimum password length? •  Solu'on –  N = TG/P = (365×24×60×60)×104/0.5 = 6.31×1011 s –  Choose s such that ∑ j =0 96 j ≥ N –  So s ≥ 6, meaning passwords must be at least 6 chars long –  What exactly does that equa'on mean? •  Total # passwords using 96 chars, of length s or less 27 Approaches: Password Selec'on •  Random selec'on –  Any password from A equally likely to be selected –  See previous example –  Make sure it’s random! •  Pronounceable passwords •  User selec'on of passwords 28 1Password Remembers passwords, can create them •  Bundle of passwords encrypted, stored in Dropbox Pronounceable Passwords •  Generate phonemes randomly –  Phoneme is unit of sound, e.g. cv, vc, cvc, vcv –  Examples: helgoret, juCelon are; przbqxdfl, zxrptglfn are not •  ~ 440 possible phonemes •  4406 possible keys with 6 phonemes (12- 18 characters long), about...
View Full Document

This note was uploaded on 02/03/2014 for the course ECE 422 taught by Professor Nicol during the Fall '08 term at University of Illinois, Urbana Champaign.

Ask a homework question - tutors are online