Path: ...!feed.opticnetworks.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Rich <rich@example.invalid>
Newsgroups: sci.crypt
Subject: Re: Memorizing a 128 bit / 256 bit hex key
Date: Tue, 18 Jun 2024 20:06:21 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 23
Message-ID: <v4spbt$1gttp$2@dont-email.me>
References: <v4s3ld$bu48$1@i2pn2.org> <v4s7nv$1cvio$1@dont-email.me> <v4sfv1$celq$1@i2pn2.org> <v4snug$1gjt3$1@dont-email.me> <jFlcO.57814$bHO6.27194@fx06.ams4>
Injection-Date: Tue, 18 Jun 2024 22:06:22 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="8d6c210f11a82313bfe46bbb2da75273";
	logging-data="1603513"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX180xm/uNkK3/zi4YbaXgfYM"
User-Agent: tin/2.6.1-20211226 ("Convalmore") (Linux/5.15.139 (x86_64))
Cancel-Lock: sha1:jYKCNZ8u2iiQAb+rT9cpybxUUlU=
Bytes: 2000

Cri-Cri <cri@cri.cri.invalid> wrote:
> On Tue, 18 Jun 2024 19:42:08 -0000 (UTC), Rich wrote:
> 
>> only when it is run to 'check' the output.  Then it would, presumably,
>> be no more suspicious than the 'date' command itself (other than what
>> suspicion might be raised by the fact that most OS'es don't ship with an
>> erasure coder by default).
> 
> But many (most?) Linux distributions ship with Python (or it's easy to 
> acquire), which can be used to obfuscate such things.
> 
>>>> import hashlib as h
>>>> h.sha256(b'this is my secret key I DO remember').hexdigest()[::-1]
> '6a8aabb884123762ccf20e6445fddfe58446ba47b4622a315b7d22bae992f965'
> 
> So little code you don't have to save anything to disk. The secret key is 
> almost longer. :)

Also true, and a way to convert something potentially more memerable 
than a set of random dates into a 'key'.

And so long as one's python REPL does not save history (or you turn off 
history before running the above) you leave no trace behind.