That's an interesting use case, so I thought I'd compare it against something like diceware[0] which is dictionary based but generally accepted to have strong levels of entropy. N.b.: I'm using a Shannon calculator[1].
Let's use the two most forthcoming examples on hand, that is: the IPv6 address from this article's demo, A = 29A1:A600:F19B:B703:7080:5387:3685:A2AF, and the diceware example from xkcd/936, B = correct horse battery staple[2]. Using the Shannon entropy calculator, we find that A has entropy H(X) = 3.55397. The same analysis of B returns H(X) = 3.49468.
Now that's Shannon entropy which calculates the entropy of an outcome in relation to itself, and not the entropy of an outcome from a set of potential outcomes. To do that, we might start with analyzing the number of potential outcomes an IPv6 address can take (340 undecillion[3]) versus the number of words on our diceware list (~7,776 English words[0]) by the number of words our diceware passphrase potentially uses.
In the case of IPv6, you have a 'finite' number of combinations, albeit of fixed length, whereas the unfixedness of diceware means that, theoretically, the scheme scales upward into infinity. That's probably not practical, and one could simply add additional sets to an IPv6 address in order to remove that advantage. So, where does that leave us?
Well, I'm not sure that I'd like to say, but at least I can examine things this way: using an IPv6 address is probably secure, but is the added overhead of a translating agent between your memorization utility and password input worth it? At least, when compared against something like a four word diceware passphrase, it seems the entropic gains perhaps aren't worth the additional computational overhead.
Let's use the two most forthcoming examples on hand, that is: the IPv6 address from this article's demo, A = 29A1:A600:F19B:B703:7080:5387:3685:A2AF, and the diceware example from xkcd/936, B = correct horse battery staple[2]. Using the Shannon entropy calculator, we find that A has entropy H(X) = 3.55397. The same analysis of B returns H(X) = 3.49468.
Now that's Shannon entropy which calculates the entropy of an outcome in relation to itself, and not the entropy of an outcome from a set of potential outcomes. To do that, we might start with analyzing the number of potential outcomes an IPv6 address can take (340 undecillion[3]) versus the number of words on our diceware list (~7,776 English words[0]) by the number of words our diceware passphrase potentially uses.
In the case of IPv6, you have a 'finite' number of combinations, albeit of fixed length, whereas the unfixedness of diceware means that, theoretically, the scheme scales upward into infinity. That's probably not practical, and one could simply add additional sets to an IPv6 address in order to remove that advantage. So, where does that leave us?
Well, I'm not sure that I'd like to say, but at least I can examine things this way: using an IPv6 address is probably secure, but is the added overhead of a translating agent between your memorization utility and password input worth it? At least, when compared against something like a four word diceware passphrase, it seems the entropic gains perhaps aren't worth the additional computational overhead.
[0] http://world.std.com/~reinhold/diceware.html
[1] http://www.shannonentropy.netmark.pl
[2] http://xkcd.com/936/
[3] http://en.wikipedia.org/wiki/IPv6