From: Nomen Nescio on 23 May 2010 11:26

Hi,

If we consider a password of n characters, given the user will probably likely enter only alpha characters and numbers and a small set of characters like @#$ etc. how do we calculate the actual entropy of the password?

Thanks.
From: amzoti on 23 May 2010 13:17

On May 23, 8:26 am, Nomen Nescio <nob...(a)dizum.com> wrote:
> Hi,
>
> If we consider a password of n characters, given the user will probably
> likely enter only alpha characters and numbers and a small set of
> characters like @#$ etc. how do we calculate the actual entropy of the
> password? Thanks.

See the bottom of: http://en.wikipedia.org/wiki/Password_strength

Also - see this NIST excel spreadsheet that does this.

[XLS] NIST SP 800-63 password policy compliance checker - Password ...
File Format: Microsoft Excel
12, Many password policies (including those based on the NIST Special Publication 800-63) use the concept of "entropy" to determine password length and ...
www.chrisnowell.com/.../NIST%20SP%20800-63%20password%20checker.xls
From: amzoti on 23 May 2010 13:20

On May 23, 8:26 am, Nomen Nescio <nob...(a)dizum.com> wrote:
> Hi,
>
> If we consider a password of n characters, given the user will probably
> likely enter only alpha characters and numbers and a small set of
> characters like @#$ etc. how do we calculate the actual entropy of the
> password? Thanks.

See Appendix A - but download the Excel spreadsheet I sent earlier.

http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
From: unruh on 23 May 2010 13:33

On 2010-05-23, Nomen Nescio <nobody(a)dizum.com> wrote:
> Hi,
>
> If we consider a password of n characters, given the user will probably
> likely enter only alpha characters and numbers and a small set of
> characters like @#$ etc. how do we calculate the actual entropy of the
> password? Thanks.

Entropy is a relative number; it depends on the set and selection process. For example, if the attacker happens to know that the password used has a special meaning for the user, then the entropy is 0. If you assume that the letters, characters, numbers used are used according to their distribution in Shakespeare, you get another number. If you assume that the pairs of letters (q is always followed by u for example) still another one. There is no "entropy of the password".

It also depends on the attacker and his procedure for doing an exhaustive search on the password. That is the only true measure, and of course, unless you know the attacker, impossible to know. So you guess, and your guess will be different from mine.
From: Gordon Burditt on 23 May 2010 14:38

> If we consider a password of n characters, given the user will probably
> likely enter only alpha characters and numbers and a small set of
> characters like @#$ etc. how do we calculate the actual entropy of the
> password? Thanks.

If the user chooses at random from z equally likely possible passwords, say, by rolling dice, the number of bits of entropy represented in the password is log2(z), where log2() is the logarithm base 2 function. This can also be written as log(z)/log(2), where log() is a logarithm in any base but you have to use the same base for both log() functions in the formula.

Examples:

random decimal digit (10 choices) = 3.32 bits.
random hexadecimal digit (16 choices) = 4.00 bits.
random alphabetic lower-case letter (26 choices) = 4.7 bits.
random alphanumeric letter (both cases and digits) (62 choices) = 5.95 bits.

If you choose a word at random from a 1,000-word word list, that represents 9.97 bits of entropy.

For passwords n characters (or words) long with characters (or words) chosen from the same set, you can use the formula:

log(z**n) = n*log(z)

so, for example, a 10-character alphabetic lower-case password has 10*4.7 = 47 bits of entropy. A 12-digit random hexadecimal number has 12 * 4 = 48 bits of entropy. A 5-word phrase with words chosen randomly from a 1000-word list has 5*9.97 = 49.85 bits of entropy.

If the choices are not equally likely (a big problem when users just "think up" a password), the formula gets more complicated, or perhaps you can't model the user's password generation process at all.
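A worked version of Gordon's n*log2(z) formula next to the non-uniform case unruh raises (letters drawn according to an observed frequency table rather than uniformly), added here as an example that is not part of the original thread. The function names are my own and SAMPLE_CORPUS is a constructed stand-in for a real text corpus.

```python
import math
from collections import Counter

def uniform_entropy_bits(choices: int, length: int = 1) -> float:
    """Bits of entropy for `length` symbols, each drawn uniformly and
    independently from `choices` equally likely options: n * log2(z)."""
    if choices < 1 or length < 0:
        raise ValueError("choices must be >= 1 and length >= 0")
    return length * math.log2(choices)

def shannon_entropy_bits(weights: dict) -> float:
    """Per-symbol Shannon entropy, in bits, of a non-uniform distribution
    given as symbol -> count (or probability weight)."""
    total = sum(weights.values())
    if total <= 0:
        raise ValueError("weights must sum to a positive number")
    return -sum((w / total) * math.log2(w / total)
                for w in weights.values() if w > 0)

def corpus_entropy_bits(corpus: str, length: int) -> float:
    """Entropy of a `length`-letter password whose letters follow the
    single-letter frequencies observed in `corpus` (letters only, case
    folded). Letters are treated as independent, so digraph structure
    such as q -> u is ignored; the true figure is lower still."""
    letters = [c for c in corpus.lower() if c.isalpha()]
    return length * shannon_entropy_bits(Counter(letters))

def expected_guesses(bits: float) -> float:
    """Average number of tries an exhaustive attacker needs against a
    uniform space of 2**bits candidates (half the space, on average)."""
    return (2.0 ** bits + 1) / 2

# Constructed sample corpus (not from the thread); any English text would do.
SAMPLE_CORPUS = (
    "the quick brown fox jumps over the lazy dog while the queen quietly "
    "reads letters that the other users thought were rather ordinary"
)

if __name__ == "__main__":
    for label, z in [("decimal digit", 10), ("hex digit", 16),
                     ("lower-case letter", 26), ("alphanumeric", 62)]:
        print(f"{label:18s} {uniform_entropy_bits(z):5.2f} bits")
    print(f"10 uniform lower-case letters:     {uniform_entropy_bits(26, 10):.1f} bits")
    print(f"10 letters at corpus frequencies:  {corpus_entropy_bits(SAMPLE_CORPUS, 10):.1f} bits")
    print(f"5 words from a 1000-word list:     {uniform_entropy_bits(1000, 5):.2f} bits")
    print(f"average guesses for 48 bits:       {expected_guesses(48):.3e}")
```

The frequency-weighted figure is always below the uniform one for the same length, which is the quantitative form of unruh's point that the number depends on the assumed selection process.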