Re: Bug#768772: ITP: xkcdpass -- secure passphrase generator inspired by XKCD 936
Even if it ends up as impractical for usage, I do support that you package it. It's your joy to work on it and I think that at least many people would have fun and laugh when they cross it in our big archive (I know I would, I mean it's xkcd after all).

Cheers,
zlatan

On 10 November 2014 04:13:32 CET, Ben Finney <ben+deb...@benfinney.id.au> wrote:
> Paul Wise <p...@debian.org> writes:
>
> > I would encourage this approach: [not using memorable computer-generated passphrases at all]
>
> Thanks for the recommendation; I don't agree it is suitable for the majority of Debian users.
>
> I'm working on the assumption – reasonable, I think – that generation of strong memorable passphrases is still a useful task in a free operating system today.
>
> -- 
>  \     “I must say that I find television very educational. The minute |
>   `\   somebody turns it on, I go to the library and read a book.” |
> _o__)                                                —Groucho Marx |
> Ben Finney
>
> -- 
> To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
> Archive: https://lists.debian.org/85mw7zbvdv@benfinney.id.au

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
Archive: https://lists.debian.org/fc76415b-b257-4ce7-aad0-58e60f4fd...@riseup.net
Re: Bug#768772: ITP: xkcdpass -- secure passphrase generator inspired by XKCD 936
[adding bugreport as recipient]

Quoting Ben Finney (2014-11-10 00:33:52)
> Simon McVittie <s...@debian.org> writes:
>
> > Does [xkcdpass] have significant advantages over pwqgen, in the passwdqc package?
>
> Significant advantages:
>
> * ‘xkcdpass’ provides an implementation of a much-discussed scheme for strong passphrase generation. (Which is not to say the results are stronger than all others; only that these are relatively strong.) I don't know of any other tool implementing the scheme discussed in XKCD 936.

You probably mean other tools in Debian, but if you more generally mean other FLOSS tools, there is (an inferior [Crypt::PW44] and) [Crypt::XkcdPassword] which I have considered packaging.

...or at least I suspect it might be superior, so let me rephrase as curious questions for your xkcdpass tool:

* Does it handle alternate dictionaries (e.g. danish)?
* Does it handle massaging dictionary (e.g. strip profanities)?

Crypt::XkcdPassword by default uses the most commonly used words in film scripts and television shows, and documents examples of adaptations at https://metacpan.org/pod/Crypt::XkcdPassword::Examples.

That's meant not only as friendly competition but also as inspiration for your tool in case you find those adaptation features relevant.

Thanks for packaging this,

 - Jonas

[Crypt::XkcdPassword]: https://metacpan.org/pod/Crypt::XkcdPassword
[Crypt::PW44]: https://metacpan.org/pod/Crypt::PW44

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private
Re: Bug#768772: ITP: xkcdpass -- secure passphrase generator inspired by XKCD 936
Jonas Smedegaard <d...@jones.dk> writes:

> [adding bugreport as recipient]

Thanks. I need to be more careful in accessing Debian discussion forums; I usually do so via NNTP.

> curious questions for your xkcdpass tool:
>
> * Does it handle alternate dictionaries (e.g. danish)?
> * Does it handle massaging dictionary (e.g. strip profanities)?

The tool comes with a default wordlist, but can be instructed via a command-line option to use any correctly-formatted wordlist the user chooses. So, yes, it allows the above if the user points it to an existing wordlist.

-- 
 \     “Education is learning what you didn't even know you didn't |
  `\   know.” —Daniel J. Boorstin, historian, 1914–2004 |
_o__)                                                              |
Ben Finney <b...@benfinney.id.au>
Bug#768772: ITP: xkcdpass -- secure passphrase generator inspired by XKCD 936
Package: wnpp
Severity: wishlist
Owner: Ben Finney <ben+deb...@benfinney.id.au>

* Package name    : xkcdpass
  Version         : 1.2.2
  Upstream Author : Steven Tobin <ste...@steventob.in>
* URL             : https://pypi.python.org/pypi/xkcdpass/
* License         : BSD-3
  Programming Lang: Python
  Description     : secure passphrase generator inspired by XKCD 936

 A flexible and scriptable password generator which generates strong
 passphrases, inspired by XKCD 936:
 .
     $ xkcdpass
     correct horse battery staple

-- 
 \     “The future always arrives too fast, and in the wrong order.” |
  `\                                                  —Alvin Toffler |
_o__)                                                                |
Ben Finney <b...@benfinney.id.au>
Re: Bug#768772: ITP: xkcdpass -- secure passphrase generator inspired by XKCD 936
On 09/11/14 08:21, Ben Finney wrote:
> * Package name    : xkcdpass
...
>  A flexible and scriptable password generator which generates strong
>  passphrases, inspired by XKCD 936:

Does this have significant advantages over pwqgen, in the passwdqc package? How many bits of entropy does it typically produce?

Example pwqgen output with default settings:

    % pwqgen
    wary$Nobody5leafy

Regards,
    S

Archive: https://lists.debian.org/545f6b5a.5040...@debian.org
Re: Bug#768772: ITP: xkcdpass -- secure passphrase generator inspired by XKCD 936
Excerpts from Simon McVittie's message of 2014-11-09 05:25:46 -0800:
> On 09/11/14 08:21, Ben Finney wrote:
> > * Package name    : xkcdpass
> ...
> >  A flexible and scriptable password generator which generates strong
> >  passphrases, inspired by XKCD 936:
>
> Does this have significant advantages over pwqgen, in the passwdqc package? How many bits of entropy does it typically produce?
>
> Example pwqgen output with default settings:
>
>     % pwqgen
>     wary$Nobody5leafy

With that, I have to remember that "Nobody" is capitalized, and that the spaces are replaced by "$" and "5". The other approach accepts that we are forgetful and so uses spaces.

But it also has the weakness that if the approach and the separators are suspected, one can very cheaply run a dictionary attack before brute forcing random characters (and in fact this is what many password cracking tools do). If you add in random separators and capitalization, that does nearly achieve the proclaimed complexity that the xkcd article was suggesting.

So it seems to this lay-person that pwqgen is a better choice.

Archive: https://lists.debian.org/1415541625-sup-7...@fewbar.com
Re: Bug#768772: ITP: xkcdpass -- secure passphrase generator inspired by XKCD 936
On 09/11/14 14:25, Clint Byrum wrote:
> With that, I have to remember that "Nobody" is capitalized, and that the spaces are replaced by "$" and "5". The other approach accepts that we are forgetful and so uses spaces.
>
> But it also has the weakness that if the approach and the separators are suspected, one can very cheaply run a dictionary attack before brute forcing random characters (and in fact this is what many password cracking tools do).

It's a trade-off. I didn't say "this is unacceptable because...", I only asked the question.

The cost of a dictionary attack goes up exponentially with the number of bits of entropy in the password or passphrase, which is why I asked how much entropy this tool has.

IMO, the right way to assess the quality of the passphrases produced by one of these tools is to assume that the attacker knows which tool you use, and its settings (word list, whether to use punctuation, etc.), and see how many attempts it would take them with that knowledge; then compare that with how memorable the results are. Each bit of entropy doubles the number of possibilities that an attacker needs to try.

pwqgen defaults to generating a passphrase with 47 bits of entropy. I think it primarily includes capitals, punctuation and digits as a workaround for sites that require passwords to contain these, rather than as a way to increase entropy: after all, randomly choosing whether each word has an initial capital only adds 1 bit of entropy per word.

Diceware[1] is an implementation of a similar algorithm designed to be used via physical dice rather than a computer's pseudorandom number generator. It uses 5 die rolls to choose one of 7776 distinct words, and its author recommends a 6-word passphrase, resulting in about 77.5 bits of entropy.

    S

[1] http://world.std.com/~reinhold/diceware.html

Archive: https://lists.debian.org/545f7ece.2070...@debian.org
Re: Bug#768772: ITP: xkcdpass -- secure passphrase generator inspired by XKCD 936
Excerpts from Simon McVittie's message of 2014-11-09 06:48:46 -0800:
> On 09/11/14 14:25, Clint Byrum wrote:
> > With that, I have to remember that "Nobody" is capitalized, and that the spaces are replaced by "$" and "5". The other approach accepts that we are forgetful and so uses spaces.
> >
> > But it also has the weakness that if the approach and the separators are suspected, one can very cheaply run a dictionary attack before brute forcing random characters (and in fact this is what many password cracking tools do).
>
> It's a trade-off. I didn't say "this is unacceptable because...", I only asked the question.
>
> The cost of a dictionary attack goes up exponentially with the number of bits of entropy in the password or passphrase, which is why I asked how much entropy this tool has.
>
> IMO, the right way to assess the quality of the passphrases produced by one of these tools is to assume that the attacker knows which tool you use, and its settings (word list, whether to use punctuation, etc.), and see how many attempts it would take them with that knowledge; then compare that with how memorable the results are. Each bit of entropy doubles the number of possibilities that an attacker needs to try.
>
> pwqgen defaults to generating a passphrase with 47 bits of entropy. I think it primarily includes capitals, punctuation and digits as a workaround for sites that require passwords to contain these, rather than as a way to increase entropy: after all, randomly choosing whether each word has an initial capital only adds 1 bit of entropy per word.
>
> Diceware[1] is an implementation of a similar algorithm designed to be used via physical dice rather than a computer's pseudorandom number generator. It uses 5 die rolls to choose one of 7776 distinct words, and its author recommends a 6-word passphrase, resulting in about 77.5 bits of entropy.

Forgive my response. I seemed to forget everything I learned in the last 5 years about passwords after a trans-atlantic flight. Thanks for reminding me. ;)

Archive: https://lists.debian.org/1415547127-sup-8...@fewbar.com
Re: Bug#768772: ITP: xkcdpass -- secure passphrase generator inspired by XKCD 936
Simon McVittie <s...@debian.org> writes:

> Does [xkcdpass] have significant advantages over pwqgen, in the passwdqc package?

Significant advantages:

* ‘xkcdpass’ provides an implementation of a much-discussed scheme for strong passphrase generation. (Which is not to say the results are stronger than all others; only that these are relatively strong.) I don't know of any other tool implementing the scheme discussed in XKCD 936.

* The passphrases produced by ‘xkcdpass’ have, compared with other schemes, excellent properties for accurate human memorisation (meaningful words with normal spelling, no punctuation) while still being acceptably strong for many uses.

Since both these are true – the passphrases are strong, and the other properties are interesting and useful – this IMO makes the tool sufficiently unique to be included in Debian.

> How many bits of entropy does it typically produce?

The example given at the top of its web page merely reproduces the four-word example from XKCD 936 (presumably for easy association with the existing meme). As discussed there, this would be 44 bits of entropy.

The tool by default produces longer passphrases:

    $ xkcdpass
    included soundless instruct housecoat arena shove
    $ xkcdpass
    millionth legume styling traveller fleeting gallon
    $ xkcdpass
    dumpiness androgyny radii domiciled ribaldry determine

From a small dictionary of common words, say 2000–3000, a single randomly-chosen word has about 11 bits (= log₂(2048)) of entropy. So these passphrases have around 66 bits of entropy.

Given that these passphrases are quite strong *and* have comparatively superior properties for human memorisation, I think this tool deserves inclusion in Debian.

-- 
 \     “The process by which banks create money is so simple that the |
  `\   mind is repelled.” —John Kenneth Galbraith, _Money: Whence It |
_o__)  Came, Where It Went_, 1975                                     |
Ben Finney

Archive: https://lists.debian.org/8561eoc5jz@benfinney.id.au
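The entropy accounting used in this message and in Simon's earlier one (log₂ of the wordlist size per word, 1 extra bit per word for random capitalisation, Diceware's 7776-word list, the 44/66/77.5-bit figures) can be checked with the following added example; it is illustrative code, not part of xkcdpass or any poster's message. The wordlist is a constructed toy list, the 47-bit pwqgen figure is taken from the thread as stated, and the generator follows the same "attacker knows the tool and the list" model Simon described.

```python
import math
import secrets

# Constructed toy wordlist for the demo; a real list has thousands of entries.
SAMPLE_WORDLIST = ["correct", "horse", "battery", "staple",
                   "arena", "shove", "legume", "gallon"]


def passphrase_entropy_bits(wordlist_size: int, num_words: int,
                            random_capitalisation: bool = False) -> float:
    """Entropy of num_words words drawn uniformly (with replacement) from a
    list of wordlist_size entries.  Because the attacker is assumed to know
    the tool, the list and the settings, only the random choices count:
    log2(size) bits per word, plus 1 bit per word if each word's initial
    capital is itself a coin flip."""
    if wordlist_size < 2 or num_words < 1:
        raise ValueError("need at least two candidate words and one draw")
    bits_per_word = math.log2(wordlist_size) + (1 if random_capitalisation else 0)
    return bits_per_word * num_words


def guesses_to_exhaust(bits: float) -> int:
    """Attempts needed to enumerate the whole space; each bit doubles it."""
    return round(2 ** bits)


def generate_passphrase(wordlist, num_words: int = 6, delimiter: str = " ") -> str:
    """XKCD 936-style generation: every word chosen independently with a
    CSPRNG and joined by a plain delimiter.  Repeats are allowed, which is
    exactly what keeps the entropy at log2(n) per word; duplicate entries in
    the list are removed first so no word is more likely than another."""
    unique = sorted(set(wordlist))
    return delimiter.join(secrets.choice(unique) for _ in range(num_words))


def compare_schemes() -> dict:
    """Side-by-side entropy of the schemes named in the thread."""
    return {
        "xkcd 936 example (2048 words x 4)": passphrase_entropy_bits(2048, 4),
        "xkcdpass default (2048 words x 6)": passphrase_entropy_bits(2048, 6),
        "diceware (7776 words x 6)": passphrase_entropy_bits(7776, 6),
        "2048 words x 6 + random capitals": passphrase_entropy_bits(2048, 6, True),
        "pwqgen default (figure from thread)": 47.0,
    }


if __name__ == "__main__":
    for name, bits in compare_schemes().items():
        print(f"{name:38s} {bits:6.1f} bits  ~{guesses_to_exhaust(bits):.3g} guesses")
    print("sample:", generate_passphrase(SAMPLE_WORDLIST))
```

Running it shows why the per-word figure dominates: six words from a 2048-word list (66 bits) already sit well above pwqgen's default, and Diceware's larger list buys another 11 bits at the same word count.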
Re: Bug#768772: ITP: xkcdpass -- secure passphrase generator inspired by XKCD 936
Why are we still using passphrases at all?

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Archive: https://lists.debian.org/caktje6hsb+lxgw3d112c1vahc2yau32uvsu-douyaolf6ck...@mail.gmail.com
Re: Bug#768772: ITP: xkcdpass -- secure passphrase generator inspired by XKCD 936
Paul Wise <p...@debian.org> writes:

> Why are we still using passphrases at all?

This is only temporary, as we transition to uncrackable brain–computer interfaces for every device.

Until that future arrives for every device, I'd like people who use those remaining services still requiring passphrases, to have tools for generating good passphrases.

-- 
 \     “Leave nothing to chance. Overlook nothing. Combine |
  `\   contradictory observations. Allow yourself enough time.” |
_o__)                                              —Hippocrates |
Ben Finney

Archive: https://lists.debian.org/85tx27bxvx@benfinney.id.au
Re: Bug#768772: ITP: xkcdpass -- secure passphrase generator inspired by XKCD 936
On Mon, Nov 10, 2014 at 10:19 AM, Ben Finney wrote:

> This is only temporary, as we transition to uncrackable brain–computer interfaces for every device.

I'm not looking forward to the denial-of-service attacks that could introduce :)

> Until that future arrives for every device, I'd like people who use those remaining services still requiring passphrases, to have tools for generating good passphrases.

I would encourage this approach:

For remote services that don't yet support sane authentication mechanisms (anything other than a passphrase), complain to their operators, use very long non-memorable randomly generated passphrases (since those have more entropy), automatically rotate them regularly (I joke, rotation of keys/passphrases is still ridiculously impractical) and encrypt them using a local key.

For local authentication and local keys, use pass-phrases that are generated using the diceware method (aka not on a computer) and strong enough that they will last until replacement.

In both cases, something like xkcdpass isn't needed.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Archive: https://lists.debian.org/caktje6f_dm63zfpkbfrno_tmdvrrsnysdw4piz491tbz+my...@mail.gmail.com
Re: Bug#768772: ITP: xkcdpass -- secure passphrase generator inspired by XKCD 936
Paul Wise <p...@debian.org> writes:

> I would encourage this approach: [not using memorable computer-generated passphrases at all]

Thanks for the recommendation; I don't agree it is suitable for the majority of Debian users.

I'm working on the assumption – reasonable, I think – that generation of strong memorable passphrases is still a useful task in a free operating system today.

-- 
 \     “I must say that I find television very educational. The minute |
  `\   somebody turns it on, I go to the library and read a book.” |
_o__)                                                —Groucho Marx |
Ben Finney

Archive: https://lists.debian.org/85mw7zbvdv@benfinney.id.au