Abstract
Cryptographic authentication relies on possession of a key by the party to be authenticated. Such a key is usually chosen randomly within its domain and can be of length from around 100 bits up to many thousands of bits, depending on the algorithm used and security level desired. Experience has shown [273, 741] that humans find it difficult to remember secrets in the form of passwords of even seven or eight characters. But if all upper- and lower-case letters are used together with the digits 0 to 9 then a random eight-character password represents less than 48 bits of randomness. Therefore we can conclude that even short random keys for cryptographic algorithms cannot be reliably remembered by humans. Another way to express this is that it can be assumed that a computer is able to search through all possible passwords in a short time.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer-Verlag GmbH Germany, part of Springer Nature
About this chapter
Cite this chapter
Boyd, C., Mathuria, A., Stebila, D. (2020). Password-Based Protocols. In: Protocols for Authentication and Key Establishment. Information Security and Cryptography. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-58146-9_8
Download citation
DOI: https://doi.org/10.1007/978-3-662-58146-9_8
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-58145-2
Online ISBN: 978-3-662-58146-9
eBook Packages: Computer ScienceComputer Science (R0)