# [Cryptography] 256 bit key + 12 digit PIN

Tony Arcieri bascule at gmail.com
Mon Jan 4 16:28:20 EST 2016

```Relevant:

---------- Forwarded message ----------
From: Tony Arcieri <bascule at gmail.com>
Date: Sun, Jan 3, 2016 at 4:33 PM
Subject: Re: [Cryptography] How can you enter a 256-bit key in 12 decimal
digits?
To: Ray Dillinger <bear at sonic.net>
Cc: "cryptography at metzdowd.com" <cryptography at metzdowd.com>

On Sun, Jan 3, 2016 at 11:26 AM, Ray Dillinger <bear at sonic.net> wrote:

> 256-bit encryption it says, but it has buttons for entering
> decimal digits and allows "up to 12-digit pass code combinations
> to protect your data from unauthorized use."
>
> Now, the last time I looked, 12 decimal digits equals about 40
> bits, not 256 bits.  To enter a 256-bit key you need ~77 decimal
> digits, not 12.
>
> If someone can get at your data by brute forcing a key in a 40-
> bit key space, why is it legal to call this 256-bit encryption?

It's possible there's some sort of high-entropy on-device secret. There are
also ways of generating these secrets in such a way that attempts to
physically tamper with the device will destroy the secret generator, e.g.
https://en.wikipedia.org/wiki/Physical_unclonable_function

A high-entropy secret generated in this matter can be mixed with the PIN to
derive an encryption key. This allows you to implement hardware lockouts on
PIN entry at a very low level in hardware.

--
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160104/699e49d0/attachment.html>
```