We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.CR
< prev | next >
new | recent | 2404

Change to browse by:

cs

References & Citations

DBLP - CS Bibliography

listing | bibtex

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo

Computer Science > Cryptography and Security

Title: Expectation Entropy as a Password Strength Metric

Authors: Khan Reaz, Gerhard Wunder
(Submitted on 18 Mar 2024)
Abstract: The classical combinatorics-based password strength formula provides a result in tens of bits, whereas the NIST Entropy Estimation Suite give a result between 0 and 1 for Min-entropy. In this work, we present a newly developed metric -- Expectation entropy that can be applied to estimate the strength of any random or random-like password. Expectation entropy provides the strength of a password on the same scale as an entropy estimation tool. Having an 'Expectation entropy' of a certain value, for example, 0.4 means that an attacker has to exhaustively search at least 40\% of the total number of guesses to find the password.
Subjects: Cryptography and Security (cs.CR)
DOI: 10.1109/CNS56114.2022.9947259
Cite as: arXiv:2404.16853 [cs.CR]
  (or arXiv:2404.16853v1 [cs.CR] for this version)

Submission history

From: Khan Reaz [view email]
[v1] Mon, 18 Mar 2024 15:03:37 GMT (244kb,D)
Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)

Link back to: arXiv, form interface, contact.