Path: ...!weretis.net!feeder9.news.weretis.net!2.eu.feeder.erje.net!feeder.erje.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Rich <rich@example.invalid>
Newsgroups: sci.crypt
Subject: Re: Using Diceware, BIP39 and leetspeak for Argon2id keys
Date: Sun, 18 Aug 2024 18:39:00 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 61
Message-ID: <v9tf44$2fts4$1@dont-email.me>
References: <fe80a8e31f3560eaa056f683595dcccfb8a8f8a7@i2pn2.org> <v9tb6n$2euft$6@dont-email.me> <e8fb2ca5aae1ccb493f7cd3a7c4ae00f9107de1d@i2pn2.org>
Injection-Date: Sun, 18 Aug 2024 20:39:00 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="27a8b87db7433b5fa1dd735d9d0e6b28"; logging-data="2619268"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/2Mt3A6FrzSR+p2wZ3Wf/W"
User-Agent: tin/2.6.1-20211226 ("Convalmore") (Linux/5.15.139 (x86_64))
Cancel-Lock: sha1:Rq/SerUTJN6DLTehzCNOahfA8XU=
Bytes: 3306

Stefan Claas <pollux@tilde.club> wrote:
> Rich wrote:
>> Stefan Claas <pollux@tilde.club> wrote:
>> > $ argon2id -p \
>> "project clock spirit taste shoulder trumpet what system radio boat local sock pond gauge cancel hundred" \
>> -s "4nnu41 u61y fu31 v01d 3x3cu73 54u5463 4n613 kn33"
>> >
>> > ...
>> >
>> > So, all in all, we only have to remember the Diceware passphrase to reconstruct
>> > our encryption key.
>>
>> I suggest you perform a test.
>>
>> Today, attempt to memorize your dicewords/leetspeak example above.
>>
>> Then, wait seven days.
>>
>> Then, try to regurgitate it (without cheating) and see how well you did.
>>
>> Then, wait fourteen days.
>>
>> Repeat trying to remember it (without cheating).
>>
>> Continue with longer intervals at your pleasure.
>>
>> I predict that you will find it difficult to remember those random word
>> sentences after only a short timeframe, likely somewhere on the order
>> of 7-28 days.
>
> In my example above we have to memorize six words, without leetspeak.
>
> reselect envelope nuptials lapping expand earpiece
>
> If we write them down as two words per line, we have 3 lines of text
> to remember, which should be doable, like we learned much longer poems
> at school, I would say.
>
> I would also argue that one can replace words, they do not like, with
> their own ones. Or one can completely omit the Diceware step and use
> his own passphrase with my dice2bip program.
>
> For myself I do not use English words, I use German words.

My point is: "Try for yourself to memorize one of these, for some
length of time".

If you want to use German words, use German words. But make one up
"six words", "eight words", "??? words", your choice.

Then do an actual "memory test". Try to memorize it, then give
yourself varying lengths of time between not 'remembering' it to see
how well you can retain the random words.

I predict you'll find that without periodic refreshment, that after an
unexpectedly short time, you'll have mis-remembered at least one word
or the order of at least one word.

Beyond the few 'memory savants', most human memories, without periodic
refreshing, are quite lossy. More like DRAM than SRAM.