How Much Assurance Does a PIN Provide?

  title={How Much Assurance Does a PIN Provide?},
  author={Jon Louis Bentley and Colin L. Mallows},
We would like to quantify the assurance contained in an authentication secret. For instance, how much assurance does a customer convey to a bank by revealing that his Personal Identification Number (PIN) is 1111? We review a number of previously proposed measures, such as Shannon Entropy and min-entropy. Although each is appropriate under some assumptions, none is robust regarding the attacker’s knowledge about a nonuniform distribution. We therefore offer new measures that are more robust and… CONTINUE READING


Publications referenced by this paper.

Similar Papers

Loading similar papers…