[Cryptography] Possible reason why password usage rules are such a mess
Kent Borg
kentborg at borg.org
Wed Nov 18 12:04:25 EST 2020
On 11/17/20 1:09 PM, Phillip Hallam-Baker wrote:
> Some of the password stupidity we suffer from today comes from the two
> weeks after the release of Crack. At the time, UNIX password files
> were world readable by default and anyone suggesting shadow password
> files was the way to go was attacked for 'security through security'.
> Crack upped the ante because it could make 6? 60? attempts a second
> and so a moderate sized cluster of SPARCstations could test every
> password in a million entry dictionary in a weekend.
But readable password hashes have gone away. Passwords are only readable
on systems that are already quite broken. (Any old Unix systems still
running are quite broken.) To set password policy based this case is all
wrong.
> Battery Horse Staple Correct is 2^60 bits of work factor. That is not
> strong enough.
If the target system has already been broken into, correct. But if one
has to brute force through a login program? 2^60 is more than plenty!
If I have done my math correctly, to be certain of breaking in in
100-years, one would have to get the login to test passwords for you at
over a 6 MHz rate that entire time. Appropriately faster to get in
appropriately sooner.
Only the crappiest systems will have no login throttling and if they are
that crappy they will respond far slower than that because they are….crappy.
This gets me to an oft ignored point: passwords (something that has to
be tested against some authority) are completely different from
encryption passphrases (which, given ciphertext, can be tested in
parallel and at arbitrary speeds).
Rules for passwords need to be completely different from those for
encryption passphrases. In that case, you are correct: "there is simply
no ENCRYPTION PASSPHRASE that is long enough to be secure that is short
enough to be memorable".
-kb
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20201118/08894aaa/attachment.htm>
More information about the cryptography
mailing list