Hi all,
regarding my previous thread about memorizing a 128/256 bit key,
I came up with the following idea to create Argon2id keys.
Now we only need to memorize our Diceware passphrase.
This task shoulb be carried out on an offline Computer.
I am using four Golang programs, called dwp (diceware passphrase),
dice2bip, leetspeak and argon2id, which you can find on my GitHub
page at:
https://github.com/stefanclaas/
Usage of leetspeak is optional.
First we start with dwp:
$ dwp -r 6 -d eff_large_wordlist.txt -p
Diceware number 1: 51534 - reselect
Diceware number 2: 25455 - envelope
Diceware number 3: 42252 - nuptials
Diceware number 4: 35561 - lapping
Diceware number 5: 26225 - expand
Diceware number 6: 24453 - earpiece
Complete passphrase: reselect envelope nuptials lapping expand earpiece
Stefan Claas wrote:
Hi all,
regarding my previous thread about memorizing a 128/256 bit key,
I came up with the following idea to create Argon2id keys.
Now we only need to memorize our Diceware passphrase.
This task shoulb be carried out on an offline Computer.
I am using four Golang programs, called dwp (diceware passphrase), dice2bip, leetspeak and argon2id, which you can find on my GitHub
page at:
https://github.com/stefanclaas/
Usage of leetspeak is optional.
First we start with dwp:
$ dwp -r 6 -d eff_large_wordlist.txt -p
Diceware number 1: 51534 - reselect
Diceware number 2: 25455 - envelope
Diceware number 3: 42252 - nuptials
Diceware number 4: 35561 - lapping
Diceware number 5: 26225 - expand
Diceware number 6: 24453 - earpiece
Complete passphrase: reselect envelope nuptials lapping expand earpiece
I have updated dwp, so that instead of blanks between the words, one can
use, with the -s paramter, a special character as seperator, along the -p parameter.
regarding my previous thread about memorizing a 128/256 bit key,
I came up with the following idea to create Argon2id keys.
Now we only need to memorize our Diceware passphrase.
This task shoulb be carried out on an offline Computer.
I am using four Golang programs, called dwp (diceware passphrase),
dice2bip, leetspeak and argon2id, which you can find on my GitHub
page at:
https://github.com/stefanclaas/
Usage of leetspeak is optional.
First we start with dwp:
$ dwp -r 6 -d eff_large_wordlist.txt -p
Diceware number 1: 51534 - reselect
Diceware number 2: 25455 - envelope
Diceware number 3: 42252 - nuptials
Diceware number 4: 35561 - lapping
Diceware number 5: 26225 - expand
Diceware number 6: 24453 - earpiece
Complete passphrase: reselect envelope nuptials lapping expand earpiece
Our final result: b3ff9d34181c4771dd9ec993c78b2d5b2cc809024c9447f97468893f0d70e611
Stefan Claas in sci.crypt:
regarding my previous thread about memorizing a 128/256 bit key,
I came up with the following idea to create Argon2id keys.
Now we only need to memorize our Diceware passphrase.
This task shoulb be carried out on an offline Computer.
I am using four Golang programs, called dwp (diceware passphrase), dice2bip, leetspeak and argon2id, which you can find on my GitHub
page at:
https://github.com/stefanclaas/
Usage of leetspeak is optional.
First we start with dwp:
$ dwp -r 6 -d eff_large_wordlist.txt -p
Diceware number 1: 51534 - reselect
Diceware number 2: 25455 - envelope
Diceware number 3: 42252 - nuptials
Diceware number 4: 35561 - lapping
Diceware number 5: 26225 - expand
Diceware number 6: 24453 - earpiece
Complete passphrase: reselect envelope nuptials lapping expand earpiece
Calculated entropy: 77 Bits:
number of positions: 30 (6 x 5)
character pool: 1..6
| user15@o15:/tmp$ bc -lq
| 30 * l(6)/l(2)
| 77.54887502163468544431
Quote from <https://en.wikipedia.org/wiki/Diceware>:
| The level of unpredictability of a Diceware passphrase
| can be easily calculated: each word adds 12.9 bits of
| entropy to the passphrase [...]. Originally, in 1995,
| Diceware creator Arnold Reinhold considered five words
| (64.6 bits) the minimal length needed by average users.
| However, in 2014 Reinhold started recommending that at
| least six words (77.5 bits) be used.
[...]
Our final result: b3ff9d34181c4771dd9ec993c78b2d5b2cc809024c9447f97468893f0d70e611
This result has an entropy of 77 Bits, too. IMHO.
Not 256 Bits, as you might think, as reshaping doesn't
add any amount of entropy, AFAIR.
Marcel Logen wrote:
Stefan Claas in sci.crypt:
regarding my previous thread about memorizing a 128/256 bit key,
I came up with the following idea to create Argon2id keys.
Now we only need to memorize our Diceware passphrase.
This task shoulb be carried out on an offline Computer.
I am using four Golang programs, called dwp (diceware passphrase), dice2bip, leetspeak and argon2id, which you can find on my GitHub
page at:
https://github.com/stefanclaas/
Usage of leetspeak is optional.
First we start with dwp:
$ dwp -r 6 -d eff_large_wordlist.txt -p
Diceware number 1: 51534 - reselect
Diceware number 2: 25455 - envelope
Diceware number 3: 42252 - nuptials
Diceware number 4: 35561 - lapping
Diceware number 5: 26225 - expand
Diceware number 6: 24453 - earpiece
Complete passphrase: reselect envelope nuptials lapping expand earpiece
Calculated entropy: 77 Bits:
number of positions: 30 (6 x 5)
character pool: 1..6
| user15@o15:/tmp$ bc -lq
| 30 * l(6)/l(2)
| 77.54887502163468544431
Quote from <https://en.wikipedia.org/wiki/Diceware>:
| The level of unpredictability of a Diceware passphrase
| can be easily calculated: each word adds 12.9 bits of
| entropy to the passphrase [...]. Originally, in 1995,
| Diceware creator Arnold Reinhold considered five words
| (64.6 bits) the minimal length needed by average users.
| However, in 2014 Reinhold started recommending that at
| least six words (77.5 bits) be used.
$ argon2id -p \"project clock spirit taste shoulder trumpet what system radio boat local sock pond gauge cancel hundred" \
...
So, all in all, we only have to remember the Diceware passphrase to reconstruct
our encryption key.
Rich wrote:
Stefan Claas <[email protected]> wrote:
$ argon2id -p \"project clock spirit taste shoulder trumpet what system radio boat local sock pond gauge cancel hundred" \
-s "4nnu41 u61y fu31 v01d 3x3cu73 54u5463 4n613 kn33"
...
So, all in all, we only have to remember the Diceware passphrase to reconstruct
our encryption key.
I suggest you perform a test.
Today, attempt to memorize your dicewords/leetspeek example above.
Then, wait seven days.
Then, try to regurgitate it (without cheating) and see how well you did.
Then, wait fourteen days.
Repeat trying to remember it (without cheating).
Continue with longer intervals at your pleasure.
I predict that you will find it difficult to remember those random word
sententes after only a short timeframe, likely somewhere on the order
of 7-28 days.
In my example above we have to memorize six words, without leetspeak.
reselect envelope nuptials lapping expand earpiece
If we write them down as two words per line, we have 3 lines of text
to remember, wich should be doable, like we learned much longer poems
at school, I would say.
I would also argue that one can replace words, they do not like, with
their own ones. Or one can completely omit the Diceware step and uses
his own passphrase with my dice2bip program.
For myself I do not use English words, I use German words.
Stefan Claas <[email protected]> wrote:
$ argon2id -p \"project clock spirit taste shoulder trumpet what system radio boat local sock pond gauge cancel hundred" \
-s "4nnu41 u61y fu31 v01d 3x3cu73 54u5463 4n613 kn33"
...
So, all in all, we only have to remember the Diceware passphrase to reconstruct
our encryption key.
I suggest you perform a test.
Today, attempt to memorize your dicewords/leetspeek example above.
Then, wait seven days.
Then, try to regurgitate it (without cheating) and see how well you did.
Then, wait fourteen days.
Repeat trying to remember it (without cheating).
Continue with longer intervals at your pleasure.
I predict that you will find it difficult to remember those random word sententes after only a short timeframe, likely somewhere on the order
of 7-28 days.
Stefan Claas <[email protected]> wrote:
In my example above we have to memorize six words, without leetspeak.
reselect envelope nuptials lapping expand earpiece
If we write them down as two words per line, we have 3 lines of text
to remember, wich should be doable, like we learned much longer poems
at school, I would say.
I would also argue that one can replace words, they do not like, with
their own ones. Or one can completely omit the Diceware step and uses
his own passphrase with my dice2bip program.
For myself I do not use English words, I use German words.
My point is: "Try for yourself to memorize one of these, for some length
of time".
If you want to use German words, use German words. But make one up
"six words", "eight words", "??? words", your choice.
Then do an actual "memory test". Try to memorize it, then give yourself varying lengths of time between not 'remembering' it to see how well
you can retain the random words.
I predict you'll find that without periodic refreshment, that after an unexpected short time, you'll have mis-remembered at least one word or
the order of at least one word.
Beyond the few 'memory savants', most human memories, without periodic refreshing, are quite lossy. More like DRAM than SRAM.
Rich wrote:
Then do an actual "memory test". Try to memorize it, then give yourself
varying lengths of time between not 'remembering' it to see how well
you can retain the random words.
Ok. I will do.
I predict you'll find that without periodic refreshment, that after an
unexpected short time, you'll have mis-remembered at least one word or
the order of at least one word.
Well, what would you suggest then,
Beyond the few 'memory savants', most human memories, without periodic
refreshing, are quite lossy. More like DRAM than SRAM.
Well, then old school saying: practice makes perfect.
For your reference, records indicate that
Stefan Claas <[email protected]> wrote:
Well, what would you suggest then, as an example, some cool selfmade rhymes,
easy to remember or a self made peom etc., spiced up with special chars between the words?
One semi-clever thing I did for encoding locations as words:
<https://www.impossiblystupid.com/node/227/?content=be-+-direction>
was to allow the word list to be used flexibly to construct more “meaningful” phrases.
Eve can't know for sure what we can come up with in our minds, can she?
The mind is a poor random number generator, though. That’s probably what makes it so bad at memorizing random *anything*. So the tools we need are ones that add meaning, and do so without reducing unpredictability. A tall order, to be sure.
Doc O'Leary wrote:
For your reference, records indicate that
Stefan Claas <[email protected]> wrote:
Well, what would you suggest then, as an example, some cool selfmade rhymes,
easy to remember or a self made peom etc., spiced up with special chars between the words?
One semi-clever thing I did for encoding locations as words:
<https://www.impossiblystupid.com/node/227/?content=be-+-direction>
was to allow the word list to be used flexibly to construct more “meaningful” phrases.
Really nice idea, thanks for sharing.
Well, what would you suggest then, as an example, some cool selfmade rhymes, easy to remember or a self made peom etc., spiced up with special chars between the words?
Eve can't know for sure what we can come up with in our minds, can she?
BTW. I figured out something IMHO really nice.
When using my dice2bip program with a '0', for example, as passphrase value
I get the following BIP39 mnemonics:
$ dice2bip -passphrase 0
24-word mnemonic:
grow chronic river sand follow wide spell depth change exclude diet disease around couple buzz domain public addict pave focus top crane glue valid
And now comes the fun part.
Feeding this mnemonic into https://iancoleman.io/bip39/ and pressing
the Show entropy details, I have made the '0' 256 bit entropy so to speak
and could theoretically use the hex values as deterministic encryption key.
Marcel Logen wrote:
Stefan Claas in sci.crypt:
Our final result: b3ff9d34181c4771dd9ec993c78b2d5b2cc809024c9447f97468893f0d70e611
This result has an entropy of 77 Bits, too. IMHO.
Stefan Claas <[email protected]> wrote:
Rich wrote:
Then do an actual "memory test". Try to memorize it, then give yourself varying lengths of time between not 'remembering' it to see how well
you can retain the random words.
Ok. I will do.
I predict you'll find that without periodic refreshment, that after an unexpected short time, you'll have mis-remembered at least one word or the order of at least one word.
Well, what would you suggest then,
Dicewords, etc. are good, and have usefulnesses, but are not a panacea.
For some individuals with better memory ability, they will work well.
For a fairly large group of "general people" they will be ok provided
they get periodic refreshing (i.e., usage, to reinforce the memory).
And for some subset of "general people" they won't be able to remember
even six dicewords in their native language accurately the very next
day.
The solution, as Bruce Schriber has stated, is to "write them down" and
store the slip of paper in some reasonably secure manner (one of his recommendations was on one's wallet). Naturally if dealing with
spycraft and border searches then this changes radically, but for that
usage all but the worst subset of memories could likely replay six dice
words in their head just long enough to make it through a border
crossing search (to be written down again on the other side of the
border).
They *very much* do improve over asking a human to remember something
like (this is just the md5sum of 1k of /dev/urandom data):
038d71180f7880dca1125e160e1258df
But for all but the, say, top 10% of memory ability folks, they will
need to be "using" the diceword phrase on a fairly regular basis to
have any hope of remembering them long term.
Beyond the few 'memory savants', most human memories, without periodic refreshing, are quite lossy. More like DRAM than SRAM.
Well, then old school saying: practice makes perfect.
For all but the bottom 10% of memory ability folks, likely yes, but
they do need a reason to 'practice' the phrase. Without that practice
they will have it quickly slip their mind.
So, now I have a deterministic 256 bit key, from the last step. (11424cb7f3a1fbd806283f23dac38cc067dfa560e99cc18126647ef65b12a8d0)
Like I said one can mix and repeat or omit steps to his heart content, without remembering Diceware passphrases, while others can use Diceware.
So, now I have a deterministic 256 bit key, from the last step. (11424cb7f3a1fbd806283f23dac38cc067dfa560e99cc18126647ef65b12a8d0)
Like I said one can mix and repeat or omit steps to his heart content, without remembering Diceware passphrases, while others can use Diceware.
I guess this is now a more flexible approach.
Ok, understood. Another approach without diceware.
For your reference, records indicate that
Stefan Claas <[email protected]> wrote:
Ok, understood. Another approach without diceware.
I say you’re still focusing on the wrong part of the problem. Getting 24 random words is *not* a mnemonic! If there is any processing to do with
the bits, it is to make the randomness more humanly meaningful, or to
help with error correction for imperfect recall.
My p2m program uses a password and salt, with PDKDF2, and from that the
BIP39 mnemonic is generated and the entropy, instead of a random seed.
| Sysop: | Keyop |
|---|---|
| Location: | Huddersfield, West Yorkshire, UK |
| Users: | 716 |
| Nodes: | 16 (2 / 14) |
| Uptime: | 51:54:35 |
| Calls: | 12,115 |
| Calls today: | 6 |
| Files: | 15,010 |
| Messages: | 6,518,580 |
| Posted today: | 1 |