I’m not proposing any protocols here, I’m talking about passwords, which is what I’ve spent the last year or so doing now. An interesting problem, which came up in my thesis, is how to tell how strong an individual password is. There’s a growing body of publications on how to assess the strength of a big pile of passwords. So if a bunch of passwords leak from a new website there are some measures that I’ve developed, and some things other people have worked on, to try and compare this new body of passwords to all of the passwords at a different website. But the world of analysing a single password is still in the dark ages I would say. Obviously the difference is that with a group of passwords you can start to do statistics, and you can look at how many passwords are repeated within that set, whereas if you just have one password you have to reason about what set it came from.