
Re: One-line password generator



Hi,

i wrote:
> > One can estimate entropy by an approximation of the best possible
> > compression in the context of the knowledge of the reader.

Mario Castelán Castro wrote:
> In principle, yes, but in practice, not at all. File compressors [...]

I wrote "estimate", "approximation", and "best possible compression".
Of course gzip is not a very good approximation even if one subtracts the
header bytes. 

Better approximations are presented in the article. Given the time spans
and computing powers which were mentioned, i'd say they performed less
than 2 exp 50 tries to crack the majority of good passwords.
I.e. the compression which is established by their enumeration can squeeze
those good passwords to less than 50 bits of size. Of course, as any lossless
compression, it has to inflate other better passwords by at least one bit.


> > The second password class and my knowledge about it gives me not more
> > than a reduction of text bit number by 25 percent (6 bit text -> 8 bit
> > binary) and a couple of bits which are harder to harvest.

> This is a somewhat oversimplified analysis.

Wasn't it you who said in
  https://lists.debian.org/debian-user/2017/08/msg01260.html
  “alias gen-password="head -c 16 /dev/urandom | base64 | head -c 22 && echo"”

After exploiting the "base64" part to get my 25 percent, i'd go for
/dev/urandom. man 4 urandom says:
  "[...] if there is not sufficient entropy in the
   entropy pool, the returned values are theoretically vulnerable to a
   cryptographic attack on the algorithms used by the driver."

So if the non-guessable information in the password shall be near 128 bit,
then i would consider to use /dev/random while writing a little love poem
to my computer in order to fill the pool.

But even with only 64 bit of entropy (relative to our knowledge), we are
14 bits (= factor of 16384 tries) away from the majority of "good"
passwords in the article.
The testers would have to work 44.8 years rather than a day, or wait
23.9 years until Moore's law has caught up. (Somebody should compute how
long it lasts if they start now and keep their equipment updated to the
newest level.)


Have a nice day :)

Thomas
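
As an added example (not part of the thread), the arithmetic behind the numbers above in Python: the entropy budget of the gen-password one-liner, the 14-bit gap expressed as a work factor against the article's ~2^50-try baseline, and a hypothetical continuous-upgrade model for the open question at the end of the mail; the hardware doubling period is an assumed parameter, not a value from the thread.

```python
import math

BASE64_BITS_PER_CHAR = 6   # each base64 symbol carries 6 bits of information
TEXT_BITS_PER_CHAR = 8     # but occupies a full 8-bit byte as text
YEAR_DAYS = 365.25


def one_liner_entropy(raw_bytes=16, kept_chars=22):
    """Entropy budget of `head -c 16 /dev/urandom | base64 | head -c 22`.

    Assumes /dev/urandom output is uniformly random (the assumption the
    mail questions).  Returns (entropy_bits, text_bits, text_reduction):
    22 base64 chars could carry 132 bits, but only 128 random bits went in,
    and the base64 alphabet alone gives away 25 percent of the text bits.
    """
    entropy_bits = min(raw_bytes * 8, kept_chars * BASE64_BITS_PER_CHAR)
    text_bits = kept_chars * TEXT_BITS_PER_CHAR
    text_reduction = 1 - BASE64_BITS_PER_CHAR / TEXT_BITS_PER_CHAR
    return entropy_bits, text_bits, text_reduction


def extra_work_factor(password_bits, cracked_bits=50):
    """How many times more tries than the ~2^50 that crack 'good' passwords."""
    return 2 ** (password_bits - cracked_bits)


def fixed_hardware_years(password_bits, baseline_days=1.0, cracked_bits=50):
    """Attack time in years if the baseline attack took `baseline_days`
    and the hardware is never upgraded (64 bits -> 16384 days -> ~44.8 years)."""
    return extra_work_factor(password_bits, cracked_bits) * baseline_days / YEAR_DAYS


def continuous_upgrade_days(work_factor, doubling_days):
    """Hypothetical model for the question at the end of the mail: the attack
    starts now with throughput 1 baseline-day of work per day, and throughput
    doubles every `doubling_days` (Moore's law applied continuously).

    Work done by time t is  W(t) = (T / ln 2) * (2**(t/T) - 1),  so solving
    W(t) = work_factor for t gives  t = T * log2(1 + work_factor * ln 2 / T).
    With an infinite doubling period this degenerates to the fixed-hardware time.
    """
    T = float(doubling_days)
    return T * math.log2(1 + work_factor * math.log(2) / T)


if __name__ == "__main__":
    print(one_liner_entropy())                      # (128, 176, 0.25)
    print(extra_work_factor(64))                    # 16384
    print(round(fixed_hardware_years(64), 1))       # 44.9
    # assumed doubling period of 2 years (730.5 days) for the upgrade model
    print(continuous_upgrade_days(16384, 730.5) / YEAR_DAYS)
```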

