Passphrase FAQ: Strength of the passphrase
The answer depends on how secure your passphrase needs to be. Start with a normal phrase and then, with a bit of random help, distort it: make a nonsensical phrase by changing words, switch the sentence structure around at random, and add a few random words or characters for extra security. The goal is something you can remember that would take at least as long to brute-force as the 128-bit IDEA key it protects.
The phrase "my unbreakable super pass phrase can't be beat" is weak by itself. So what if we change it a little? "mile unbraking stupor past froze can tent bee beets" is all well and good, except that an attacker can run a homophone dictionary against exactly this kind of sound-alike substitution. On the other hand, in one pass we have a nonsense phrase with a different structure and words that don't quite connect logically. Add several random characters so that nothing short of brute force will find it, and you are done. The phrase is fairly easy to remember because you built it from a normal phrase, and if you forget the exact wording you can probably reconstruct it: being human, we tend to do things the same predictable way. That same predictability is what a dictionary attack relies on, which is why the random characters are not optional.
For more security, generate fully random phrases or character sequences. This takes more effort and may be harder to remember, but the level of security is easy to control by choosing the length. One nearly foolproof method is Diceware, which picks words from a fixed list by rolling dice.
Using what we know of the absolute minimums and maximums of a passphrase, we can make up a little formula to estimate how secure any given passphrase is. For purposes here, random means really random: dice, not pseudo-random methods like rnd() or linear congruential generators. The constants are based on the needs of PGP (a 128-bit IDEA key); you may need to change them for your use.
- PS = passphrase security
- FF = fudge factor (an attempt to account for nonsense phrases, odd spelling, punctuation, capitalization and numbers)
- RW = random words (do not also count them as a nonsense phrase)
- RC = random characters
- RL = random letters
- OC = odd characters (other than lower-case letters)
- LC = total character count of the phrase (letters in whole words, spaces ignored; do not count if a totally random system is used)
- F1 = 0.5 = nonsensical phrases hooked together
- F2 = ? = odd spelling/misspelling, punctuation and capitalization (strictly a permutation that depends on how many characters were changed and on the length of the words used; to simplify, use F2 = 4 * OC / LC)
- F3 = 0.09 = random numbers (exclude if F2 is used)
- FF = 1 + F1 + F2 + F3
- PS = RW/8 + RC/20 + RL/28 + LC/107 * FF
As written, FF multiplies only the phrase term LC/107; the random-word, random-character and random-letter terms are credited as they are, since the fudge factor describes properties of the phrase, not of the random material.
Calculating PS should be a simple matter for most people. PS > 1 means the IDEA key is the easier target, so an attacker would go after the key before your passphrase cracks. PS < 1 means it is probably easier to attack your passphrase than the IDEA key, although a passphrase with PS under 1 may still be secure enough for its purpose. A rough estimate is that PS values below .35 can be broken in less than a year. The formula is under construction and gives only a guide number; the hope is that its errors are on the conservative side, but it can certainly be fooled: it scores a famous quotation by its character count, even though such a phrase is really one entry in an attacker's dictionary.
These are examples of passphrases with the PS numbers associated with them. If you can work through them and get the same numbers, you are well on your way to understanding what makes a passphrase good or bad.
- .855 - Nonsense phrase. Example: betty was smoking tires in her peace of pipe organs and playing tuna fish.
- 1.05 - A random bunch of characters. Example: A6:o@6 Ls+\` uGX%3y[k
- 1.34 - Odd capitalization/punctuation and nonsense. Example: Web oF thE Trust is BrokEn cAn You Glue it Back ToGether? and give it xRays.
- .280 - An average phrase. Example: There is a sucker born every minute.
- 1.125 - Random words. Example: paper factors difference votes behind chain treaties never group
- .761 - Phrases with some random letters. Example: Ignorance is bliss. spgemxk Education cures ignorance.
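The guide formula above, and the worked examples, as an added Python example; this is not code from the original FAQ, and the function names (passphrase_security, fudge_factor, rate, random_chars_to_reach_one) are this example's own. It reads the formula with ordinary precedence, so FF multiplies only the phrase term LC/107, and counts LC as every non-space character including punctuation, which is how the page's .855, .280 and 1.34 figures come out. Its odd-character count defaults to capitals and digits only, because the page's 1.34 example reproduces with its 13 capitals but not once its "?" and "." are added; pass count_punctuation=True to follow the OC definition literally. Random characters are counted with their spaces, which is how the 1.05 example reaches 21/20. The page's last example (.761) does not reproduce exactly under either reading of the formula, so it is printed but not asserted on. The strength labels use the page's own thresholds, and the final helper answers the practical question the text raises: how many truly random characters must be appended to a given phrase before PS reaches 1.

```python
# Added example of the FAQ's guide formula for passphrase security (PS):
#     PS = RW/8 + RC/20 + RL/28 + LC/107 * FF,   FF = 1 + F1 + F2 + F3
# Not code from the original FAQ; names and parameter conventions are
# this example's own assumptions, chosen so the page's figures reproduce.
import math

PS_WORD_DIVISOR = 8      # one truly random word (e.g. Diceware) per 1/8 of the key
PS_CHAR_DIVISOR = 20     # one truly random printable character per 1/20
PS_LETTER_DIVISOR = 28   # one truly random letter per 1/28
PS_PHRASE_DIVISOR = 107  # one character of ordinary English phrase per 1/107
F1_NONSENSE = 0.5        # nonsensical phrases hooked together
F3_RANDOM_NUMBERS = 0.09 # random numbers, excluded whenever F2 is used


def phrase_char_count(phrase: str) -> int:
    """LC: every non-space character of the phrase, punctuation included."""
    return sum(1 for c in phrase if not c.isspace())


def odd_char_count(phrase: str, count_punctuation: bool = False) -> int:
    """OC: characters other than lower-case letters.

    By default only capitals and digits are counted, which is the count the
    page's 1.34 example uses; count_punctuation=True also counts symbols.
    """
    total = 0
    for c in phrase:
        if c.isspace() or c.islower():
            continue
        if c.isalnum() or count_punctuation:
            total += 1
    return total


def fudge_factor(phrase: str, nonsense: bool = False, odd_spelling: bool = False,
                 random_numbers: bool = False, count_punctuation: bool = False) -> float:
    """FF = 1 + F1 + F2 + F3, with F3 dropped whenever F2 is in use."""
    f1 = F1_NONSENSE if nonsense else 0.0
    f2 = 0.0
    if odd_spelling:
        lc = phrase_char_count(phrase)
        f2 = 4 * odd_char_count(phrase, count_punctuation) / lc if lc else 0.0
    f3 = F3_RANDOM_NUMBERS if (random_numbers and not odd_spelling) else 0.0
    return 1.0 + f1 + f2 + f3


def passphrase_security(phrase: str = "", random_words: str = "", random_chars: str = "",
                        random_letters: str = "", nonsense: bool = False,
                        odd_spelling: bool = False, random_numbers: bool = False,
                        count_punctuation: bool = False) -> float:
    """PS for a phrase part plus optional truly random words/characters/letters.

    random_words is split on whitespace; random_chars is counted with len(),
    spaces included (the page's 1.05 example is 21 characters that way).
    FF scales only the phrase term, as the formula reads with normal precedence.
    """
    rw = len(random_words.split())
    rc = len(random_chars)
    rl = len(random_letters)
    lc = phrase_char_count(phrase)
    ff = fudge_factor(phrase, nonsense, odd_spelling, random_numbers, count_punctuation)
    return (rw / PS_WORD_DIVISOR + rc / PS_CHAR_DIVISOR + rl / PS_LETTER_DIVISOR
            + (lc / PS_PHRASE_DIVISOR) * ff)


def rate(ps: float) -> str:
    """The page's verdicts: >1 attack the key instead, <.35 breakable within a year."""
    if ps > 1:
        return "IDEA key is the easier target"
    if ps < 0.35:
        return "breakable in under a year (page's estimate)"
    return "passphrase is the easier target"


def random_chars_to_reach_one(phrase: str, **phrase_flags) -> int:
    """Truly random characters to append so that PS reaches 1 (parity with the key)."""
    base = passphrase_security(phrase=phrase, **phrase_flags)
    if base >= 1:
        return 0
    return math.ceil((1 - base) * PS_CHAR_DIVISOR)


if __name__ == "__main__":
    # The page's examples, reproduced (the last one is a known near miss).
    cases = [
        ("nonsense phrase", dict(phrase="betty was smoking tires in her peace of pipe organs and playing tuna fish.", nonsense=True)),
        ("random characters", dict(random_chars=r"A6:o@6 Ls+\` uGX%3y[k")),
        ("odd capitalization and nonsense", dict(phrase="Web oF thE Trust is BrokEn cAn You Glue it Back ToGether? and give it xRays.", nonsense=True, odd_spelling=True)),
        ("average phrase", dict(phrase="There is a sucker born every minute.")),
        ("random words", dict(random_words="paper factors difference votes behind chain treaties never group")),
        ("phrase plus random letters", dict(phrase="Ignorance is bliss. Education cures ignorance.", random_letters="spgemxk", odd_spelling=True)),
    ]
    for label, kwargs in cases:
        ps = passphrase_security(**kwargs)
        print(f"{ps:.3f}  {label:32s} {rate(ps)}")
    print("random chars to append to the average phrase:",
          random_chars_to_reach_one("There is a sucker born every minute."))
```

The two helpers at the end are the practical takeaway: a plain quotation needs about fifteen appended random characters to reach parity with the key, while the nonsense phrase needs only three, which is the page's advice about adding a few random characters turned into a number.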