Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC

Ben Laurie (ben@algroup.co.uk)
Mon, 04 Jan 1999 16:46:58 +0000

• Next message: Mok-Kong Shen: "Update of my WEAK4-EX"
• Previous message: Adam Shostack: "Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC"
• In reply to: Ben Laurie: "Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC"

Adam Shostack wrote:
>
> On Sun, Jan 03, 1999 at 06:45:41PM +0000, Ben Laurie wrote:
> | Anonymous wrote:
> | > We went over all this already on one of the crypto lists. Elliptic curve
> | > has no advantage in this regard. Using any of these methods will probably
> | > significantly weaken your key, unless you have a much stronger passphrase
> | > than most people use.
> |
> | How do you know the strength of most people's passphrases?
>
> There is a substantial body of research over the last 20 (or
> more) years, showing consistently that most people will, given the
> chance, select their password from a very small, and easily searched
> space. There is no reason to believe that changing the word
> 'password' to 'passphrase' will suddenly shift people's behavior.

Hmmm ... well, it changed mine!

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Ghandi

• Next message: Mok-Kong Shen: "Update of my WEAK4-EX"
• Previous message: Adam Shostack: "Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC"
• In reply to: Ben Laurie: "Re: Death of PGP Key 0xFBAF5E44 at 19:03 02 Jan 1999 UTC"