Path: ...!feed.opticnetworks.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Peter Fairbrother <peter@tsto.co.uk>
Newsgroups: sci.crypt
Subject: Re: Memorizing a 128 bit / 256 bit hex key
Date: Wed, 19 Jun 2024 21:02:31 +0100
Organization: A noiseless patient Spider
Lines: 38
Message-ID: <v4vdgn$249vl$3@dont-email.me>
References: <v4s3ld$bu48$1@i2pn2.org> <v4s46k$bu48$2@i2pn2.org>
 <v4s62s$c1if$1@i2pn2.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 19 Jun 2024 22:02:31 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="11e83ddfa5707c6a85053169736b452d";
	logging-data="2238453"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1+Pqx0poVVBzg4OYvt2ycAkTSiMdNyefUM="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:k63NR9WnuC04mrSVDDyyIO7C/3w=
In-Reply-To: <v4s62s$c1if$1@i2pn2.org>
Content-Language: en-GB
Bytes: 2107

On 18/06/2024 15:37, Stefan Claas wrote:
> Stefan Claas wrote:
> 
>> Stefan Claas wrote:
>>
>>> You thoughts please, gentlemen.
>>>
>>> Let's say you travel and do not want to store your secret hex key on your
>>> device and recreate it from memory.
>>>
>>> What do you think about this proposal?
>>>
>>> $ printf '%x' $(date -u -d '1979-01-01 12:34:56' +%s) $(date ...) 4 or 8 times.
>>>
>>> One has to remember only the dates (times are optional) and then simply run the
>>> one liner.
>>
>> And use that as a seed for Argon2id key creation.
>>
>>>
>>> The encryption software can be downloaded when one arrives at his destination.

Hmm, from where? Threat analysis?


> I think diceware passwords with Argon2id are the solution, because one can
> recreate the Argon2id hex key with with the memorized diceware passphrase. :-)

Much better.

Both diceware and argon2id can be improved on, but generally that would 
mostly work.


Peter Fairbrother

bored, just got out of hospital, and laid up with bad knee