Path: ...!weretis.net!feeder9.news.weretis.net!i2pn.org!i2pn2.org!.POSTED!not-for-mail
From: Stefan Claas <pollux@tilde.club>
Newsgroups: sci.crypt
Subject: Re: Using Diceware, BIP39 and leetspeak for Argon2id keys
Date: Tue, 20 Aug 2024 21:38:24 -0000
Organization: Ch1ffr3punk5
Message-ID: <0e596498674dac43a1893374f46c06499c009af0@i2pn2.org>
References: <fe80a8e31f3560eaa056f683595dcccfb8a8f8a7@i2pn2.org> <v9tb6n$2euft$6@dont-email.me> <e8fb2ca5aae1ccb493f7cd3a7c4ae00f9107de1d@i2pn2.org> <v9tf44$2fts4$1@dont-email.me> <3d9c7a0df306d40a9d5ef84acb50013bf405384c@i2pn2.org> <v9tine$2gcq3$1@dont-email.me>
MIME-Version: 1.0
Injection-Date: Tue, 20 Aug 2024 21:38:46 -0000 (UTC)
Injection-Info: i2pn2.org;
	logging-data="3275254"; mail-complaints-to="usenet@i2pn2.org";
	posting-account="ieSrCjSDShpZNyqIW52mlwIkg76Hsp+TOOO6KTdfCN8";
User-Agent: flnews/1.3.0pre9 (for GNU/Linux)
X-Spam-Checker-Version: SpamAssassin 4.0.0
X-Date: It's Tue 11312 Sep 1993 11:38:24 PM CEST, the September that never ends
X-Finger: tilde.club/~pollux/
X-Ed25519-Pub: c0ffee5a36e581eb10f60b2831b3cdb955d2e7ef680dd282a8d43ad8b84b357a
X-Ed25519-Sig: 727b5244ed54e102c8f04e8caa8ac77250c318a59cc373dc458c4249eaf33f9f
 681e2bcc942e6d3f10f2b4f30e801210d1071d0459ff2fff372b1bb06d5d9b02
Bytes: 5267
Lines: 92

Rich wrote:
> Stefan Claas <pollux@tilde.club> wrote:
> > Rich wrote:
> > > Then do an actual "memory test".  Try to memorize it, then give yourself 
> > > varying lengths of time between not 'remembering' it to see how well 
> > > you can retain the random words.
> > 
> > Ok. I will do.
> > 
> > > I predict you'll find that without periodic refreshment, that after an 
> > > unexpected short time, you'll have mis-remembered at least one word or 
> > > the order of at least one word.
> > 
> > Well, what would you suggest then,
> 
> Dicewords, etc. are good, and have usefulnesses, but are not a panacea.
> 
> For some individuals with better memory ability, they will work well.  
> For a fairly large group of "general people" they will be ok provided 
> they get periodic refreshing (i.e., usage, to reinforce the memory).  
> And for some subset of "general people" they won't be able to remember 
> even six dicewords in their native language accurately the very next 
> day.
> 
> The solution, as Bruce Schneier has stated, is to "write them down" and 
> store the slip of paper in some reasonably secure manner (one of his 
> recommendations was in one's wallet).  Naturally if dealing with 
> spycraft and border searches then this changes radically, but for that 
> usage all but the worst subset of memories could likely replay six dice 
> words in their head just long enough to make it through a border 
> crossing search (to be written down again on the other side of the 
> border).
> 
> They *very much* do improve over asking a human to remember something 
> like (this is just the md5sum of 1k of /dev/urandom data): 
> 
> 038d71180f7880dca1125e160e1258df
> 
> But for all but the, say, top 10% of memory ability folks, they will 
> need to be "using" the diceword phrase on a fairly regular basis to 
> have any hope of remembering them long term.  
> 
> > > Beyond the few 'memory savants', most human memories, without periodic 
> > > refreshing, are quite lossy.  More like DRAM than SRAM.
> > 
> > Well, then old school saying: practice makes perfect.
> 
> For all but the bottom 10% of memory ability folks, likely yes, but 
> they do need a reason to 'practice' the phrase.  Without that practice 
> they will have it quickly slip their mind.

Ok, understood. Another approach without diceware. 
Your thoughts please, gentlemen.

I will use four programs: Argon2id, eh (Eurasia-Hasher; one can use the
SHA families instead), p2m (password to mnemonic) and leetspeak. This
approach should allow many variations, because users can easily repeat
steps, mix them etc. One only has to remember his password/passphrase
(and a salt), like he usually does, and variable steps, which should be
IMHO easy to remember.

$ argon2id -p mypassword -s mysalt
0d6cffc82dd3ccd149a3228d1a08cb1007b67cf4ad8c28083665f834478360d0

with leetspeak

$ argon2id -p mypassword -s mysalt | leetspeak
0d6cffc82dd3ccd14943228d1408c81007867cf44d8c28083665f834478360d0

$ p2m -password 0d6cffc82dd3ccd14943228d1408c81007867cf44d8c28083665f834478360d0
24-word mnemonic:
public tragic scan you once possible census drink fossil dragon surround
hammer joke position conduct easy zebra behave april tower couple duck
portion cube

Entropy (hex):
ad1cdf00ff99a9510952185be8436a34478550cbb22eff828c2bf3131287aa11

$ echo ad1cdf00ff99a9510952185be8436a34478550cbb22eff828c2bf3131287aa11 | eh -sm3
11424cb7f3a1fbd806283f23dac38cc067dfa560e99cc18126647ef65b12a8d0
(this hash sum is done with the Chinese SM3 hash algo)

So, now I have a deterministic 256-bit key, from the last step.
(11424cb7f3a1fbd806283f23dac38cc067dfa560e99cc18126647ef65b12a8d0)

Like I said, one can mix and repeat or omit steps to his heart's content,
without remembering Diceware passphrases, while others can use Diceware.

I guess this is now a more flexible approach.

-- 
Regards
Stefan
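
Added example, not part of the original post and not the author's tooling: it diffs the two hex strings quoted above to recover what the leetspeak filter changed, then measures how many bits a 64-digit hex string can still carry after that substitution. It assumes the filter is a fixed per-character map and that the Argon2id hex digits are uniformly distributed; the quoted sample contains no `e`, so only the substitutions actually visible in it are counted.

```python
import math
from collections import Counter

# Both strings are copied verbatim from the post above.
ARGON2ID_HEX = "0d6cffc82dd3ccd149a3228d1a08cb1007b67cf4ad8c28083665f834478360d0"
LEET_HEX = "0d6cffc82dd3ccd14943228d1408c81007867cf44d8c28083665f834478360d0"
HEX_DIGITS = "0123456789abcdef"


def observed_substitutions(before, after):
    """Return {src: dst} for each character the filter changed, position by position."""
    if len(before) != len(after):
        raise ValueError("length changed; a positional diff is not possible")
    subs = {}
    for src, dst in zip(before, after):
        if src != dst and subs.setdefault(src, dst) != dst:
            raise ValueError(f"inconsistent mapping for {src!r}")
    return subs


def apply_map(text, subs):
    """Apply the recovered per-character map (assumed model of the filter)."""
    return "".join(subs.get(ch, ch) for ch in text)


def colliding_inputs(subs, alphabet=HEX_DIGITS):
    """Output characters that more than one input digit now maps to."""
    groups = {}
    for ch in alphabet:
        groups.setdefault(subs.get(ch, ch), []).append(ch)
    return {out: ins for out, ins in groups.items() if len(ins) > 1}


def bits_per_char(subs, alphabet=HEX_DIGITS):
    """Shannon entropy of one output character for a uniformly random input digit."""
    counts = Counter(subs.get(ch, ch) for ch in alphabet)
    n = len(alphabet)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


if __name__ == "__main__":
    subs = observed_substitutions(ARGON2ID_HEX, LEET_HEX)
    print("observed map:", subs)
    print("reproduces post:", apply_map(ARGON2ID_HEX, subs) == LEET_HEX)
    print("merged digits:", colliding_inputs(subs))
    per_char = bits_per_char(subs)
    print(f"{per_char} bits/char, {per_char * len(LEET_HEX)} of 256 bits remain")
```

The map is public and not injective, so it can only shrink the space of intermediate values; the strength of the final key is still bounded by the password, the salt and the Argon2id cost parameters.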