From 10a29a819645fbe47db44124036cc414da52aada Mon Sep 17 00:00:00 2001 From: Rohan Kumar Date: Sun, 17 Jan 2021 23:59:09 -0800 Subject: [PATCH] Mention exhaustive key searches --- content/posts/password-strength.gmi | 2 +- content/posts/password-strength.md | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/content/posts/password-strength.gmi b/content/posts/password-strength.gmi index d2968f9..5e2ceae 100644 --- a/content/posts/password-strength.gmi +++ b/content/posts/password-strength.gmi @@ -34,7 +34,7 @@ A good measure of password strength is *entropy bits.* The entropy bits in a pas A brute-force attack that executes 2ⁿ guesses is certain to crack a password with n entropy bits, and has a one-in-two chance of cracking a password with n+1 entropy bits. -For scale, AES-256 encryption is currently the industry standard for strong symmetric encryption, and uses key lengths of 256-bits. An exhaustive key search over a 256-bit key space would be up against its 2²⁵⁶ possible permutations. +For scale, AES-256 encryption is currently the industry standard for strong symmetric encryption, and uses key lengths of 256-bits. An exhaustive key search over a 256-bit key space would be up against its 2²⁵⁶ possible permutations. When using AES-256 encryption with a key derived from a password with more than 256 entropy bits, the entropy of the AES key is the bottleneck; an attacker would fare better by doing an exhaustive key search for the AES key than a brute-force attack for the password. => https://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard (Wikipedia) diff --git a/content/posts/password-strength.md b/content/posts/password-strength.md index d5b75dd..5d5bd1c 100644 --- a/content/posts/password-strength.md +++ b/content/posts/password-strength.md @@ -78,7 +78,10 @@ with *n*+1 entropy bits. For scale, [AES-256](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) encryption is currently the industry standard for strong symmetric encryption, and uses key lengths of 256-bits. An exhaustive key search over a 256-bit key space would -be up against its 2256 possible permutations. +be up against its 2256 possible permutations. When using AES-256 +encryption with a key derived from a password with more than 256 entropy bits, the +entropy of the AES key is the bottleneck; an attacker would fare better by doing an +exhaustive key search for the AES key than a brute-force attack for the password. To calculate the entropy of a password, I recommend using a tool such as [zxcvbn](https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/wheeler)