[Cryptography] Passwords are dying - get over it
Kent Borg
kentborg at borg.org
Mon Dec 23 11:14:33 EST 2013
On 12/23/2013 10:10 AM, Bill Cox wrote:
> How would you recommend protecting your ssh private key? Here's a
> great tutorial on adding key stretching to your ssh private key, which
> by default has none:
I never use a private ssh key for personal interactive logins. Which
means I nearly never use ssh private keys, only when I need automated
logins and that needs to be done very carefully.
Using a private key has three problems I see:
1. Another opportunity for an attacker: the key file.
2. Now I need to manage all the places I store key files.
3. The passphrase protecting the private key needs to be much stronger
than does a password because there is a limit on how fast a password can
be checked because the server will throttle attempts. Yes, you are
talking about key strengthening, but I still want a lot of real entropy
in my base passphrase, just in case the strengthening isn't so good.
Something worth 128-bits of entropy is a pain to remember and type. But
a password can be pretty short and still good (for example, 4-digit ATM
PINs).
-kb
P.S. Passwords can be pretty easy to type, or have lots of entropy in
them: but then they get long and hard to type without errors--and hard
to remember. For example, this has 128-bits of entropy in it (as it was
mechanically and created out of 128-bits of /dev/urandom by a reversible
coding):
e195-16-explore-xray-comet-8bd7-orinoco-reward-canvas-72-strong-spain-poker
Remembering a series of three randomly chosen words is easy, there
always seems to be a meaning that can be associated with them, but to
"curve fit" an idea through many such random words is hard. And typing
with only bullet characters as feed back is error-prone.
More information about the cryptography
mailing list