Article <v4vbth$fvtf$1@i2pn2.org>

Deutsch English Français Italiano
<v4vbth$fvtf$1@i2pn2.org>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: ...!weretis.net!feeder9.news.weretis.net!news.nk.ca!rocksolid2!i2pn2.org!.POSTED!not-for-mail
From: Stefan Claas <pollux@tilde.club>
Newsgroups: sci.crypt
Subject: Re: Memorizing a 128 bit / 256 bit hex key
Date: Wed, 19 Jun 2024 21:35:12 +0200
Organization: =?UTF-8?b?4oSt8J2UpfCdlKbwnZSj8J2Uo/CdlK/wnZSi8J2UrfCdlLLwnZSr8J2UqA==?=
 =?UTF-8?b?8J2UsA==?=
Message-ID: <v4vbth$fvtf$1@i2pn2.org>
References: <v4s3ld$bu48$1@i2pn2.org>
	<v4vb9v$2478p$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 19 Jun 2024 19:35:13 -0000 (UTC)
Injection-Info: i2pn2.org;
	logging-data="524207"; mail-complaints-to="usenet@i2pn2.org";
	posting-account="Cql5xXq+1B7GYqFCkkYQTE9ttzQmzqt9PRBXcODTV+U";
Finger: tilde.club/~pollux/
X-Spam-Checker-Version: SpamAssassin 4.0.0
Bytes: 3052
Lines: 43

Chris M. Thomasson wrote:

> On 6/18/2024 6:55 AM, Stefan Claas wrote:
> > You thoughts please, gentlemen.
> > 
> > Let's say you travel and do not want to store your secret hex key on your
> > device and recreate it from memory.
> > 
> > What do you think about this proposal?
> > 
> > $ printf '%x' $(date -u -d '1979-01-01 12:34:56' +%s) $(date ...) 4 or 8 times.
> > 
> > One has to remember only the dates (times are optional) and then simply run the
> > one liner.
> > 
> > The encryption software can be downloaded when one arrives at his destination.
> > 
> 
> Generate a hex key from a password? It seems like my site can do it:
> 
> http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1?ct_hmac_cipher=2bf63f8ee90dfed997b115aa711600c45a8212a1e35f4f75ccfa36ee459b3fedd8b5f477ebb8871dd94025e7731f39cf7650f864fd6d5ce6908bb2609f96e81a413ccf40b33380a569155cb79612def387c76dd1ae436bcb4fb8c9b959be255708d020d559e07492ba24aae3705ba700a5d9c857418a0050d9ad5935efbfc36b895329cabeacbc7cefdee04834b4d392e50501c55587361bd6ca7337083fcd16ddf95d50072ea61cf2aaeb45d4d676abf93d39ad0a386399d55f2d0dba6be91521068f1120573e96aa1d81362e62f91bf88f63fe159175c13a1abec4184aae1cadfe2e18be27cac0fbefbae0c57cec531bc71e8a86d0f15a727e98bafe0239c5fd06a250e7f6
> 
> It encrypts a key using the default password. The key is generated using 
> the same program. This example basically generates a key using the 
> default password, then encrypts said key using a different password.
> 
> Everybody can decrypt the generated key because the ciphertext in the 
> link uses the default password:
> 
> https://i.ibb.co/BybrYDw/image.png
> 
> The plaintext is:
> 
> A key:
> 
> f65952b125ba6860e21aef9c55e69e0612b153e5fd2599ac00b67945f9bec7563d5edf8bf9fa0db27aeb78b0c8f40f0a6a69b2cd720d59ecc73a01c1ccad0933cfe9e014dda35db6eaba760c9dbdff0f4ad24c5b702baab8e225189179b8bd

Your site says it does key generation from 64 random bytes. How do you remember the key
when traveling, with no device? Or how can you trust your site, when your are on annual leave, out of your country, and some bad boy customized your site?

-- 
Regards
Stefan