Re: Secure password generation...blasphemy!
On Tue, Aug 04, 2009 at 10:39:38AM -0600, Modulok wrote: > But I'm also looking for a good way to generate high quality crypto > keys. In the later case, the data being protected are disk images of > clients...mountains of sensitive data. These will be on USB > keys, and thus do not need to be memorized. Assuming my clients are > not enemies of a state, /dev/random should be a sufficient source for > this purpose, correct? i.e: > > dd if=/dev/random of=foo.key bs=256 count=1 It should be "good enough"... but you need to do so reading on non-linear key spaces first. Depending on the symmetric cipher, not all keys are equally strong; and if you're unlucky, you may catch one of those "bad keys" through /dev/random. However, this is a fairly advanced crypto topic. > Thanks guys! > -Modulok- -cpghost. -- Cordula's Web. http://www.cordula.ws/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure password generation...blasphemy!
On Mon, 3 Aug 2009 22:34:27 -0400 Bill Moran wrote: > Modulok wrote: > > > > I need a way to generate a lot of secure passwords. So, I read all > > about it. Either people are getting way carried away, or I'm missing > > something... > > You could just use apg ... it's in the ports. By the look of it this was originally DES-based, and was upgraded to use CAST or SHA1. However the seeding from /dev/random seems to have been left at 64 bits (the DES blocksize) plus some extra from gettimeofday(). In practice it's probably good enough, it just seems a bit lame. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure password generation...blasphemy!
On Tue, 4 Aug 2009 10:42:22 -0600 Modulok wrote: > As I understand it I would have to double the length of a hashed > password for it to be as secure as an un-hashed one, as each pair of > characters represent one byte. Aye? I wouldn't put it quite like that, it's the hexadecimal representation that puts one bytes into two characters not the hashing. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure password generation...blasphemy!
On Mon, 3 Aug 2009 20:28:52 -0600 Modulok wrote: > However, wouldn't hashing bytes from /dev/random be quite secure? The > hash function would cover any readily apparent patterns, if they were > found to existed. That's fine, the only issue is that hex digits lead to long passwords for a given stength. Most password generators are OK, provided that they ultimately derive a sufficiently strong seed from /dev/random and don't do anything stupid, this includes things like jot, which uses the arc4random library. The main problem is that there are still a few generators around, IIRC sysutils/pwgen is one, that still seed from the time and the pid, so I wouldn't use a generator unless I'd seen the source. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure password generation...blasphemy!
As I understand it I would have to double the length of a hashed password for it to be as secure as an un-hashed one, as each pair of characters represent one byte. Aye? -Modulok- On 8/4/09, RW wrote: > On Mon, 3 Aug 2009 22:20:50 -0800 > Mel Flynn wrote: > >> On Monday 03 August 2009 18:28:52 Modulok wrote: >> >> > I wrote a python script which uses /dev/random, and hashes the >> > output with sha256. I then truncate the output to the desired >> > length. Blasphemy! According to the superstitious password crowd my >> > passwords are not very secure ... maybe. >> >> They aren't, because you reduce the random to a much less random, >> *because* you are hashing. > > Not in FreeBSD, it's a 256bit PRNG and a 256 bit hash. > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure password generation...blasphemy!
On Mon, 3 Aug 2009 22:20:50 -0800 Mel Flynn wrote: > On Monday 03 August 2009 18:28:52 Modulok wrote: > > > I wrote a python script which uses /dev/random, and hashes the > > output with sha256. I then truncate the output to the desired > > length. Blasphemy! According to the superstitious password crowd my > > passwords are not very secure ... maybe. > > They aren't, because you reduce the random to a much less random, > *because* you are hashing. Not in FreeBSD, it's a 256bit PRNG and a 256 bit hash. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure password generation...blasphemy!
Good call on the hashing, reducing the quality of the passwords, Kurt. The hash generated passwords are for online accounts, as auto-generated initial passwords and such. But I'm also looking for a good way to generate high quality crypto keys. In the later case, the data being protected are disk images of clients...mountains of sensitive data. These will be on USB keys, and thus do not need to be memorized. Assuming my clients are not enemies of a state, /dev/random should be a sufficient source for this purpose, correct? i.e: dd if=/dev/random of=foo.key bs=256 count=1 Thanks guys! -Modulok- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure password generation...blasphemy!
Anton Shterenlikht wrote: > On Tue, Aug 04, 2009 at 09:52:21AM +0200, Roland Smith wrote: >> On Mon, Aug 03, 2009 at 08:28:52PM -0600, Modulok wrote: >>> I need a way to generate a lot of secure passwords. So, I read all >>> about it. Either people are getting way carried away, or I'm missing >>> something... >> It is very easy to generate hard-to-guess semi-random passwords: >> >>openssl rand -base64 6 >> >> some examples: >> >> hJ9WQ0eK oOyHWEd4 W801vDIB mob29k5I RVDXkE/9 7BRHC+8h >> >> Even though this is semi-random, these are still extremely hard to >> guess, and neither will a dictionary attack be much use. The _big_ >> downside is that this kind of passwords are hard to remember. So people >> _will_ write them down. Which isn't a problem in itself, as long as they >> keep that piece of paper secure. (so not taped to their monitor, or >> under their keyboard.) >> >> A better solution IMHO is to let people make their own acronyms, mixed >> with a little l33tsp34k. That way you can have something easy to >> remember, but still hard to guess. E.g. "Ask not for whom the bell >> tolls" would become "An4wtbt". > > I really like the VMS password generation facility: > > UAF> modify donkey/generate_password > > tratworman > cralopyter > bosequism > coshindius > jaritions > > Enter PRIMARY password: > > clumiump > wrielene > guirtiety > scapress > primpatly > > Enter PRIMARY password: > > odliesting > conetred > emenstate > ammycle > rasests > > ... > > You are given a choice of 5 passwords to choose from. > If you don't like any, keep going until something > comes up that's easy to remember for you. > > The system manager can specify the min required length. > > I think this is a really nice utility, and VMS systems are > very rarely compromised, though perhaps VMS users are > better trained in password safe keeping. > Password guessing will crack these in a jiffy. Hardly secure I would say... I use apg, like this: /usr/local/bin/apg -x 8 -m 8 -l -MSNCL -s 8 characters, minimal one capital, number and special sign, and I could use a previous used password (or random) as input. Peter -- http://www.boosten.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure password generation...blasphemy!
On Tue, Aug 04, 2009 at 09:52:21AM +0200, Roland Smith wrote: > On Mon, Aug 03, 2009 at 08:28:52PM -0600, Modulok wrote: > > I need a way to generate a lot of secure passwords. So, I read all > > about it. Either people are getting way carried away, or I'm missing > > something... > > It is very easy to generate hard-to-guess semi-random passwords: > >openssl rand -base64 6 > > some examples: > > hJ9WQ0eK oOyHWEd4 W801vDIB mob29k5I RVDXkE/9 7BRHC+8h > > Even though this is semi-random, these are still extremely hard to > guess, and neither will a dictionary attack be much use. The _big_ > downside is that this kind of passwords are hard to remember. So people > _will_ write them down. Which isn't a problem in itself, as long as they > keep that piece of paper secure. (so not taped to their monitor, or > under their keyboard.) > > A better solution IMHO is to let people make their own acronyms, mixed > with a little l33tsp34k. That way you can have something easy to > remember, but still hard to guess. E.g. "Ask not for whom the bell > tolls" would become "An4wtbt". I really like the VMS password generation facility: UAF> modify donkey/generate_password tratworman cralopyter bosequism coshindius jaritions Enter PRIMARY password: clumiump wrielene guirtiety scapress primpatly Enter PRIMARY password: odliesting conetred emenstate ammycle rasests ... You are given a choice of 5 passwords to choose from. If you don't like any, keep going until something comes up that's easy to remember for you. The system manager can specify the min required length. I think this is a really nice utility, and VMS systems are very rarely compromised, though perhaps VMS users are better trained in password safe keeping. -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 928 8233 Fax: +44 (0)117 929 4423 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure password generation...blasphemy!
On Mon, Aug 03, 2009 at 08:28:52PM -0600, Modulok wrote: > I need a way to generate a lot of secure passwords. So, I read all > about it. Either people are getting way carried away, or I'm missing > something... It is very easy to generate hard-to-guess semi-random passwords: openssl rand -base64 6 some examples: hJ9WQ0eK oOyHWEd4 W801vDIB mob29k5I RVDXkE/9 7BRHC+8h Even though this is semi-random, these are still extremely hard to guess, and neither will a dictionary attack be much use. The _big_ downside is that this kind of passwords are hard to remember. So people _will_ write them down. Which isn't a problem in itself, as long as they keep that piece of paper secure. (so not taped to their monitor, or under their keyboard.) A better solution IMHO is to let people make their own acronyms, mixed with a little l33tsp34k. That way you can have something easy to remember, but still hard to guess. E.g. "Ask not for whom the bell tolls" would become "An4wtbt". Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgp1s3UVhYmb9.pgp Description: PGP signature
Re: Secure password generation...blasphemy!
On Monday 03 August 2009 18:28:52 Modulok wrote: > I wrote a python script which uses /dev/random, and hashes the output > with sha256. I then truncate the output to the desired length. > Blasphemy! According to the superstitious password crowd my passwords > are not very secure ... maybe. They aren't, because you reduce the random to a much less random, *because* you are hashing. You're much better off, using ctype to determine if the byte you got is typeable on a keyboard and if not getting the next byte. Or use an array of allowed characters and read the rands as integers modulus the size of the array. But as others have stated, you're reinventing the wheel, and even FreeBSD's adduser(8) can generate random passwords that are suitable for most uses. You should really answer Kurt's questions to determine how secure they should be. As far as Pseudo generators go, they will generate the same sequence for the same seed, so if the seed is guessable by an attacker, you should not use them. -- Mel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure password generation...blasphemy!
On 3-Aug-09, at 10:28 PM, Modulok wrote: I need a way to generate a lot of secure passwords. So, I read all about it. Either people are getting way carried away, or I'm missing something... Take a look at pwgen (it's in ports). If you're really needing *very* secure passwords, it makes more sense to audit existing code then to write your own. The passwords it generates can quite easily be strong enough to prevent most automated attacks. --Andrew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure password generation...blasphemy!
On Mon, Aug 3, 2009 at 19:28, Modulok wrote: > I need a way to generate a lot of secure passwords. So, I read all > about it. Either people are getting way carried away, or I'm missing > something... Gah. Define "secure". What is your use case? Does it involve humans remembering them, or not? What is your threat model? Will the passwords change once a day, once a month, or once a year? What's the value of the data you're protecting? Kurt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure password generation...blasphemy!
On Mon, Aug 3, 2009 at 10:28 PM, Modulok wrote: > I need a way to generate a lot of secure passwords. So, I read all > about it. Either people are getting way carried away, or I'm missing > something... Have a look at jot(1). -- Glen Barber ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure password generation...blasphemy!
Modulok wrote: > > I need a way to generate a lot of secure passwords. So, I read all > about it. Either people are getting way carried away, or I'm missing > something... You could just use apg ... it's in the ports. -- Bill Moran http://www.potentialtech.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
