Information AboutDiceware |
| CATEGORIES ABOUT DICEWARE | |
| authentication methods | |
| dice | |
| randomness | |
|
Diceware is a method for creating Passphrase s, Password s and other cryptographic variables using ordinary Dice as a Hardware Random Number Generator . For each word in the passphrase, five dice rolls are required. The numbers that come up in the rolls are assembled as a five digit number, e.g. ''43146.'' That number is then used to look up a word in a word list. In the English list ''43146 '' corresponds to ''munch.'' Lists have been compiled for several languages, including English, Finnish, German and Spanish. A Diceware word list is any list of unique words, preferably ones the user will find easy to spell and to remember. The level of unpredictability of a Diceware passphrase can be easily calculated: each word adds 12.9 bits of Entropy to the passphrase (that is, bits). Five words (slightly over 64 bits) are considered a minimum length. Some people feel Diceware passphrases are too difficult to remember and recommend other methods, such as using the initial letters of a memorable phrase (for instance, " To Be, Or Not To Be , that is the question" becomes ''2bor~2b,titq''). Estimating the entropy of the phrase using the latter approach is more difficult. If the length of Diceware passphrases are assumed to be known to an attacker, then the passphrases yields less entropy than the ideal 64.62 bits when used with dictionaries containing variable-length words. This is because the length of the resulting passphrases "leak" information about their composition. REFERENCE
SEE ALSO
EXTERNAL LINKS
|
|
|