this post was submitted on 19 Jun 2024
111 points (99.1% liked)
Privacy
32103 readers
540 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Technically yes. But the method is by far strong enough that this isn't an issue. This is sort of always the issue with calculating entropy. We say that
password
has less entropy than8(A>Ni'[
. But that is baking in assumptions about the search space. Ifpassword
is a randomly generated string of lower, upper, numbers and symbols it is just as secure as the latter. (80^8^ ≈ 10^15^ candidates) but if password was generated as just lowercase characters it is far less secure (26^8^ ≈ 10^11^ candidates) but if it was a random dictionary word it is not very secure at all (≈ 10^5^ candidates) and if it was chosen as one of the most popular passwords it is even less secure. How can one password have different entropy?The answer is basically it matters how the attacker searches. But in practice the attacker will search the more likely smaller sets first, then expand to the larger. So the added time to search the smaller sets is effectively negligible.
What may be more useful is the "worst case" entropy. Basically the attacker knows exactly what set you picked. For the
password
case that is 1 because I just picked the most common password. For the rolling method described above it is 6^5^6^ ≈ 10^23^ because even if they know the word list they don't know the rolls. You may be able to go slightly higher by building your own word list, but the gains will probably be fairly small and you would likely get far more value just by rolling one more word on the existing list than spending the time to generate your own.