On 05/13/2014 03:58 PM, Rémi wrote: > Going over your points: > > - Yes, I should select some other slow hash function. Do you have a > suggestion for a secure function available in python? Currently, Python doesn't come with those kind of function. > > - It is less random. That is why it is popped. Then you should update the comment :) > > - It really doesn't matter if some names have a tiny bit lower > probability of getting selected. Much more useful would be to add more > names. > > - Now you're just trolling. The username suffix is indeed not random, > but derived like the rest of the credentials. Then it shouldn't be described as random :) > > - Yes, in python you do not have control over memory like you have in C. This is why those kind of tools should not be written in Python: - You don't have control over memory - You can't guarantee that your code can run in constant time. > > Maybe the comments should have been formulated to look less scary? As I > pointed out in the code, I indeed need another slow hash function. I'm > on it. Yes. Sorry for the harsh tone :|
The idea of deriving passwords from a master is not knew. What about using something like HMAC for this ? > > R. > > > On 13/05/14 15:28, jvoisin wrote: >> On 05/13/2014 03:17 PM, Rémi wrote: >>> Good suggestion. >>> >>> I added the following text to the repository: >>> >>> Goldfish is unlocked using 1.000.000 rounds of sha512, which takes ~1.5 >>> seconds in python. The hash rounds are not meant to replace an actual >>> strong password, so the password should be about as strong as your >>> truecrypt password. >>> A danger is that the root password would be guessed. It is also not >>> obvious how to change a password. If a service provider has the >>> username/password pair this does not give away anything about other >>> credentials. >>> >>> Obfuscation. >>> The usernames are designed to 'look real'. They are derived from common >>> western names with an added suffix. The service passwords and username >>> suffixes vary in length to further obfuscate that Goldfish is used. >>> If someone really wants to they could figure out that a set of >>> credentials was likely generated using Goldfish. This should not >>> directly be obvious, certainly not by just looking at the username. >>> >>> R. >> >> A quick glance at your code tells me that I don't want to use this >> software at all. >> >> - "My own implementation of a slow hash function." : Why are you >> inventing your own crypto ? >> >> - "# Pop the first number because it is probably less random." : >> Probably less random ?! >> >> - "# Yes, I know how this affects the name distribution." : Why >> admitting that your distribution is flawed instead of fixing it ?! >> >> - """" Given some information it looks up the correct username and >> appends some random data """" : This is wrong, the appended data is not >> random at all. >> >> - Your lock/unlock system has no control over the memory of the process. >> >> - ... >> >> You may want to read some papers about cryptography before creating this >> kind of softwares. >>> >>> >>> On 13/05/14 12:09, intrigeri wrote: >>>> Hi Rémi, >>>> >>>> Rémi wrote (12 May 2014 09:48:13 GMT) : >>>>> I wrote an ephemeral password manager, for privacy and anonymity. >>>>> The idea is that you use a root password to deterministically generate >>>>> credentials, so no need to store the credentials. >>>> >>>> Thanks for this suggestion. >>>> >>>> Just curious: is there any threat model description, and security >>>> analysis of the underlying password generation algorithm, to be >>>> found somewhere? >>>> >>>> Cheers, >>>> >>> _______________________________________________ >>> Tails-dev mailing list >>> Tails-dev@boum.org >>> https://mailman.boum.org/listinfo/tails-dev >>> To unsubscribe from this list, send an empty email to >>> tails-dev-unsubscr...@boum.org. >>> >> >> _______________________________________________ >> Tails-dev mailing list >> Tails-dev@boum.org >> https://mailman.boum.org/listinfo/tails-dev >> To unsubscribe from this list, send an empty email to >> tails-dev-unsubscr...@boum.org. >> > _______________________________________________ > Tails-dev mailing list > Tails-dev@boum.org > https://mailman.boum.org/listinfo/tails-dev > To unsubscribe from this list, send an empty email to > tails-dev-unsubscr...@boum.org. > _______________________________________________ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
