[Cryptography] Passwords (Smallest feasible work factor today?)

Ralf Senderek crypto at senderek.ie
Tue Sep 13 17:32:01 EDT 2022



  Ray Dillinger wrote:

>
>                                   The security model does have one big hole
>  if someone else gets their hands on the box. But if someone has to resort to
>  in-person burglary to get at passwords - meaning personal attention for an
>  individual target - It's not compatible with the economic model of most
>  people who'd be after most passwords.
>
>  ... The passwords stored on my 3x5 cards in the metal lockbox
>  for these "special" passwords are plaintext that I pass through a
>  pencil-and-paper encryption to get the actual password.  And there are
>  a few ordinary things I carry with me which I use in combination as the
>  key to that pencil-and-paper cipher.  But nobody looking through my stuff
>  would ever see a key there, nor know how to combine these objects to make
>  the key,  nor know how to use it as a key.

This approach sounds almost like "security by obscurity", because if you'd
open-source your pencil-and-paper encryption then surely your ordinary things
would not look so innocent. How secure would your method be, if the thief
can get his hands on your ciphertexts and has the knowledge *how* to derive
an (unknown) key?


>  So for most passwords, there's an annoying fifteen second lookup.  For the
>  "special" ones there's a fifteen-second lookup plus about a minute and a
>  half of hand encrypting to work out the real password.
>
>  This is annoying and high-effort compared to the neat package most
>  hardware password managers present.  But the electronic password
>  manager does not exist whose every hardware component is made by people
>  whom I implicitly trust or
>  whose every circuit trace can be visually checked at any time to make sure
>  that it's exactly what it ought to be.  Nor does the electronic password
>  manager exist whose every line of code is guaranteed not to be
>  exploitable.

The problem starts when you *use* your password. All benefits of your "low tech"
approach are lost once you enter your special password to do something on an
electronic platform. Even if it is used to decrypt an AES-encrypted file
only, your password is exposed to all those risks that you tried to avoid
with your low tech attempt.

      -ralf
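Ralf's two points above (that a published method leaves only the key's entropy as security, and that a password typed into a platform is exposed there), worked through as an added example that is not part of the original post or Ray's actual method. The post does not describe Ray's cipher or how his objects form a key, so the code assumes a Vigenère-style pencil-and-paper cipher over the 94 printable ASCII characters and a key assembled from two short tokens drawn from a constructed list of "ordinary things"; card plaintexts and the key "pen7" are constructed as well.

```python
import math
import string

# Alphabet of the assumed pencil-and-paper cipher: the 94 printable ASCII
# characters excluding space (digits, letters, punctuation).
ALPHABET = string.digits + string.ascii_letters + string.punctuation
N = len(ALPHABET)

# Constructed "ordinary things" an owner might combine into a key (assumption:
# the post gives no such list). Two distinct tokens, in order, form a key.
OBJECT_TOKENS = ["pen", "7", "blue", "Q", "key", "3x5"]


def _shift(text, keystream, sign):
    """Add (sign=+1) or subtract (sign=-1) the repeating keystream, mod 94."""
    out = []
    for i, ch in enumerate(text):
        k_ch = keystream[i % len(keystream)]
        if ch not in ALPHABET or k_ch not in ALPHABET:
            raise ValueError("character outside the cipher alphabet")
        k = ALPHABET.index(k_ch)
        out.append(ALPHABET[(ALPHABET.index(ch) + sign * k) % N])
    return "".join(out)


def derive_password(card_text, key):
    """The owner's step: card plaintext + memorised key -> real password."""
    return _shift(card_text, key, +1)


def key_entropy_bits(tokens, count=2):
    """With the method public, security is the key space alone: ordered
    choices of `count` distinct tokens, i.e. n!/(n-count)! keys (log2)."""
    return math.log2(math.perm(len(tokens), count))


def candidate_passwords(card_text, tokens):
    """Attacker who has the card and knows the method: enumerate every key in
    the assumed key space and the password each one yields. The card is the
    input, not the output, so each entry is one login attempt against the
    service; the list length is the whole work factor."""
    return [
        (a + b, derive_password(card_text, a + b))
        for a in tokens for b in tokens if a != b
    ]


def recover_key(card_text, leaked_password):
    """Known-plaintext attack: one real password captured where it was typed
    (Ralf's second point), together with its card, gives the keystream; the
    shortest repeating period is the key. Caveat: if the card is shorter
    than the key, only a prefix of the keystream is visible."""
    stream = _shift(leaked_password, card_text, -1)
    for period in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % period] for i in range(len(stream))):
            return stream[:period]


def unlock_all_cards(cards, key):
    """Once the key is known, every other card falls at once."""
    return {name: derive_password(text, key) for name, text in cards.items()}


if __name__ == "__main__":
    cards = {  # constructed card plaintexts
        "bank": "correct-horse-battery",
        "mail": "Staple#9-tokyo",
    }
    key = "pen7"  # assumed key: tokens "pen" + "7"
    real = derive_password(cards["bank"], key)
    print(f"key space: {key_entropy_bits(OBJECT_TOKENS):.1f} bits")
    print("login guesses needed:",
          len(candidate_passwords(cards["bank"], OBJECT_TOKENS)))
    print("key from one leaked password:", recover_key(cards["bank"], real))
    print(unlock_all_cards(cards, key))
```

The two halves of the example match the two objections in the reply: with the method known, the thief's cost is the size of the key space (here about five bits, i.e. thirty login attempts), and a single password observed on a compromised machine hands over the key and with it every other card in the box.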


