Article <vqcstn$33rjg$2@dont-email.me>

Deutsch English Français Italiano
<vqcstn$33rjg$2@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: ...!weretis.net!feeder9.news.weretis.net!news.quux.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail
From: Richard Heathfield <rjh@cpax.org.uk>
Newsgroups: sci.crypt
Subject: Re: Generate random passwords with your mouse ... :-)
Date: Thu, 6 Mar 2025 19:26:47 +0000
Organization: Fix this later
Lines: 27
Message-ID: <vqcstn$33rjg$2@dont-email.me>
References: <vqaaim$1q8rg$1@paganini.bofh.team> <vqafqv$2jg8b$2@dont-email.me>
 <vqbnmd$21e9n$1@paganini.bofh.team> <vqbpl5$2tqjk$1@dont-email.me>
 <vqc784$2281i$1@paganini.bofh.team> <vqc9d5$30gab$1@dont-email.me>
 <vqcaek$22dlp$1@paganini.bofh.team> <vqcdjq$30tov$2@dont-email.me>
 <87o6yei2gg.fsf@pc-731.ybtra.de> <vqcn63$231ur$1@paganini.bofh.team>
 <87v7sm803e.fsf@pc-731.ybtra.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Thu, 06 Mar 2025 20:26:47 +0100 (CET)
Injection-Info: dont-email.me; posting-host="a12ade0f7e5b6fab51cfc5e27fedd0be";
	logging-data="3272304"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1/vUEBz4AUQ44gUyjLMiK7B0XxgeOXlA4E66yCMux+9IA=="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:z84uTrYlET4PWSG5DbwiwDCawgM=
Content-Language: en-GB
In-Reply-To: <87v7sm803e.fsf@pc-731.ybtra.de>
Bytes: 2301

On 06/03/2025 18:52, Marcel Logen wrote:
> Stefan Claas in sci.crypt:
> 
>> Sure, it only needs a slight change in the C code, but I do not want
>> to have the shasum of a password and prefer the shasum of the entropy,
>> so that the shasum can be used for a password as well! :-)
> 
> One question I ask myself:
> 
> Aren't you losing entropy when you use the modulo operation
> in the "bytes_to_chars" function? I wonder.
> 
> Marcel

Yes.

He'd do better restricting his character set to 64 elements, and 
then using his entropy 6 bits at a time without any need for the 
mod. Practical upshot: slightly longer password at no extra cost 
other than slightly awkward programming as you dance around the bits.

-- 
Richard Heathfield
Email: rjh at cpax dot org dot uk
"Usenet is a strange place" - dmr 29 July 1999
Sig line 4 vacant - apply within