BLU Discuss list archive
[Discuss] Password managers
- Subject: [Discuss] Password managers
- From: kentborg at borg.org (Kent Borg)
- Date: Wed, 6 May 2020 21:50:17 -0400
- In-reply-to: <31156b7d-880c-f77f-0972-f1ebbe4ab837@borg.org>
- References: <9c4a5c7e-55aa-8ae1-da3b-4512cb2ae85c@gmail.com> <5eb1f81d.1c69fb81.80c8b.07ca@mx.google.com> <CANiupv686GBC5EZVsiEf831-b4i0E3NjZ3fnsDToM02z1zjUNg@mail.gmail.com> <5eb223cd.1c69fb81.6fa04.3ab5@mx.google.com> <0cbc8403-48a5-14bd-524c-a4eded6b64fa@borg.org> <e2be00f8-8de6-4645-e71b-a5d14f78ede7@borg.org> <5eb2d4b7.1c69fb81.c9540.9f0b@mx.google.com> <2fc76d5b-e5bd-2aa4-7002-7e7b65461d76@borg.org> <5eb2f4ba.1c69fb81.676b1.a824@mx.google.com> <bc8f39ad-543c-9be6-169b-b8b2c13261a9@borg.org> <5eb2fac0.1c69fb81.34622.b7dd@mx.google.com> <31156b7d-880c-f77f-0972-f1ebbe4ab837@borg.org>
On 5/6/20 7:32 PM, Kent Borg wrote:
> 16-random characters? Which? Let's assume just lower case ASCII alphabetics.
>
> 26^16 is 43608742899428874059776L
>
> That is a big number. (Add uppercase and numbers and other printable stuff...and 52**16 and 96**16 are both crazy bigger.)
>
> If your attacker started brute forcing that lowercase password at the start of the universe, and had been checking 100K guesses per second ever since, your attacker would be finishing up any millennium now.
>
> What is the point?

Encryption keys are different. There is no rate-limiting (nor remote server crashing under your load), you can copy the encrypted file across as many machines as you like.

- The rate at which you can test a password is determined by some external server you don't control.
- The rate at which you can test an encryption key is limited only by your budget.

In 1998 the $250,000 EFF's Deep Crack broke DES (56-bits) in under 3-days. (That was an impressive feat.) Put a $10,000,000 machine on it and that would be under 2-hours. Have an NSA-style budget and $100,000,000 key cracking machine seems likely, and it takes less than 10-minutes.

These numbers are way out of date, but the principle still stands: Once you have a copy of the encrypted data you can divide up the work and do it in parallel.

To defend against a brute force search, make the encryption key longer. AES is 128-bits or 256-bits. But your passphrase gets turned into the real key, and if it is "password1234" it can be one of the first ones tried.

Make encryption passphrases crazy, nasty, un-typeable monsters to really be safe.

-kb
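The cost model in this post, written out as an added example (not code from the thread): an online guess rate capped by a remote server versus an offline search whose throughput scales with budget, calibrated to the Deep Crack figures quoted above. The age of the universe (about 13.8 billion years) and the linear budget-to-throughput scaling are assumptions of the example.

```python
import math

# Assumed for the estimate, not a figure from the post.
SECONDS_PER_YEAR = 365.25 * 24 * 3600
UNIVERSE_AGE_SECONDS = 13.8e9 * SECONDS_PER_YEAR

# Figures quoted in the post: EFF Deep Crack, $250,000, DES (56 bits), under 3 days.
DEEP_CRACK_DOLLARS = 250_000
DEEP_CRACK_SECONDS = 3 * 24 * 3600
DES_BITS = 56


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of distinct strings of `length` symbols from an alphabet."""
    return alphabet_size ** length


def entropy_bits(keyspace_size: int) -> float:
    """Equivalent key length in bits for a keyspace of this size."""
    return math.log2(keyspace_size)


def online_seconds(keyspace_size: int, guesses_per_second: float) -> float:
    """Worst-case time to exhaust a keyspace when a remote server caps the rate."""
    return keyspace_size / guesses_per_second


def offline_keys_per_second(bits: int, seconds: float) -> float:
    """Throughput implied by exhausting a `bits`-bit keyspace in `seconds`."""
    return 2 ** bits / seconds


def offline_seconds(bits: int, budget_dollars: float) -> float:
    """Time for a budget-scaled cracker; assumes throughput grows linearly
    with money because the search is embarrassingly parallel."""
    reference_rate = offline_keys_per_second(DES_BITS, DEEP_CRACK_SECONDS)
    rate = reference_rate * budget_dollars / DEEP_CRACK_DOLLARS
    return 2 ** bits / rate


def guessable_seconds(dictionary_rank: int, keys_per_second: float) -> float:
    """A passphrase at position `dictionary_rank` in a wordlist falls in about
    this long, whatever the nominal AES key length derived from it is."""
    return dictionary_rank / keys_per_second


if __name__ == "__main__":
    lower16 = keyspace(26, 16)
    print(f"26^16 = {lower16} (~{entropy_bits(lower16):.1f} bits)")
    print(f"online at 100K/s: {online_seconds(lower16, 1e5) / UNIVERSE_AGE_SECONDS:.2f} universe ages")
    print(f"DES, $10M rig: {offline_seconds(DES_BITS, 1e7) / 3600:.1f} hours")
    print(f"AES-128, $100M rig: {offline_seconds(128, 1e8) / UNIVERSE_AGE_SECONDS:.1e} universe ages")
```

The last two lines show the post's point: a bigger budget makes 56 bits trivial, while 128 bits stays out of reach, so the weak link is the passphrase the key is derived from.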