Advertisement

Password-Based Protocols

  • Colin Boyd
  • Anish Mathuria
  • Douglas Stebila
Chapter
Part of the Information Security and Cryptography book series (ISC)

Abstract

Cryptographic authentication relies on possession of a key by the party to be authenticated. Such a key is usually chosen randomly within its domain and can be of length from around 100 bits up to many thousands of bits, depending on the algorithm used and security level desired. Experience has shown [273, 741] that humans find it difficult to remember secrets in the form of passwords of even seven or eight characters. But if all upper- and lower-case letters are used together with the digits 0 to 9 then a random eight-character password represents less than 48 bits of randomness. Therefore we can conclude that even short random keys for cryptographic algorithms cannot be reliably remembered by humans. Another way to express this is that it can be assumed that a computer is able to search through all possible passwords in a short time.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2020

Authors and Affiliations

  • Colin Boyd
    • 1
  • Anish Mathuria
    • 2
  • Douglas Stebila
    • 3
  1. 1.Department of Information Security and Communication TechnologyNorwegian University of Science and TechnologyTrondheimNorway
  2. 2.Dhirubhai Ambani Institute of Information and Communication Technology (DA-IICT)GandhinagarIndia
  3. 3.Department of Combinatorics and OptimizationUniversity of WaterlooWaterlooCanada

Personalised recommendations