Dictionary words vs Random Gibberish

Postby evilthought2 » Mon Jan 13, 2014 5:21 am

After thinking about it, dictionary words (chosen randomly) as passwords are not a bad idea. They are actually excellent passwords, as people can remember them much better than random gibberish.

For example, let a hacker know that we are using this dictionary of 3000 easy-to-remember words for our master password:
http://www.learnersdictionary.com/browse/words3k/

Password 1: "O1YycIz2!NXbyw7" (15-letter random string)
Password 2: "sun track marriage star jacket direct most first hot night"

Password 2 is way easier to remember for most humans, but which is a stronger password?

Password 1: 96 ^ 16 = 52040292466647269602037015248896 (possibilities)
Password 2: 3000 ^ 10 = 5.9049e+34 (way bigger number)

As it turns out, even if the attacker knows the exact dictionary used (and most likely he won't), password 2 is still much stronger (and most likely impossible to brute force even if all supercomputers are combined to break it).

I think we should stop telling people idiotically not to use "dictionary" words. Randomly chosen dictionary words are very strong for banks, emails (for example, just 4 random words from the same dictionary for a bank website would be 81000000000000 possible combinations, which is strong enough, as a bank site will detect any brute force attempt).

"night mother marriage moon" vs "gE9xM^Py" for email/bank password? The dictionary one is not only easier to remember, but actually it's a stronger password too -- even if the hacker knows the exact dictionary used was this: http://www.learnersdictionary.com/browse/words3k/
evilthought2
 
Posts: 164
Joined: Sun Apr 28, 2013 5:05 am

Re: Dictionary words vs Random Gibberish

Postby Lars » Mon Jan 13, 2014 5:27 am

"The article goes on to explain how dictionary attacks work, how well they do, and the sorts of passwords they find."
https://www.schneier.com/blog/archives/ ... ood_a.html

I'd stay away from dictionary-based passwords any day!!
Lars
 
Posts: 2577
Joined: Wed Jul 14, 2010 10:48 pm
Location: So Cal

Re: Dictionary words vs Random Gibberish

Postby evilthought2 » Mon Jan 13, 2014 5:33 am

Posting links will not refute what I posted. My argument was based on the number of possible combinations in a 3000-word dictionary. It's simple mathematics.

I can post links too: This site shows why dictionary words are not easy to break:

http://security.stackexchange.com/quest ... passphrase
evilthought2
 
Posts: 164
Joined: Sun Apr 28, 2013 5:05 am

Re: Dictionary words vs Random Gibberish

Postby evilthought2 » Mon Jan 13, 2014 5:36 am

Image
evilthought2
 
Posts: 164
Joined: Sun Apr 28, 2013 5:05 am

Re: Dictionary words vs Random Gibberish

Postby Lars » Mon Jan 13, 2014 5:38 am

evilthought2 Wrote:Posting links will not refute what I posted. My argument was based on the number of possible combinations in a 3000-word dictionary. It's simple mathematics.

It's blatantly clear you didn't read the article I linked to. They actually have dictionaries with +100 million words. But hey, you're entitled to your opinion.


I am not a LastPass employee. I am a LastPass Forum Moderator, trying to keep spam away.
Any opinion expressed is my own and does not necessarily reflect that of the LastPass team.

To submit a support ticket, please go to - https://lastpass.com/my.php
Lars
 
Posts: 2577
Joined: Wed Jul 14, 2010 10:48 pm
Location: So Cal

Re: Dictionary words vs Random Gibberish

Postby evilthought2 » Mon Jan 13, 2014 6:05 am

Lars Wrote:
evilthought2 Wrote:Posting links will not refute what I posted. My argument was based on the number of possible combinations in a 3000-word dictionary. It's simple mathematics.

It's blatantly clear you didn't read the article I linked to. They actually have dictionaries with +100 million words. But hey, you're entitled to your opinion.


I am not a LastPass employee. I am a LastPass Forum Moderator, trying to keep spam away.
Any opinion expressed is my own and does not necessarily reflect that of the LastPass team.

To submit a support ticket, please go to - https://lastpass.com/my.php


It's blatantly clear that you didn't understand my post. I was not making this thing up. I first discovered that you can represent a 128-bit random AES key (which everyone agrees is impossible to crack) with just 12 words from a dictionary that has only 1626 words in it. This comes from the source code of Electrum (which is a bitcoin client):

Look at these 1626 words

https://github.com/Evil-Knievel/electru ... eforcer.py

(scroll down to see the words)

Now, when I first saw this I thought this must be really insecure, as there are only 1626 words in the dictionary and only 12 words from this dictionary are chosen.

However, as it turned out (as the Electrum programmer explained to me), the private key is generated randomly first, but that random key CAN be represented by just 12 words from that 1626-word dictionary for humans to remember easily.

Do the math:

2^128 == 3.4028236692093846346337460743177e+38
1626^12 = 3.4154387002817342781797097590636e+38

They are the same.

What that means is that if you generate a random 128 bit key that looks something like this:

"770A8A65DA156D24EE2A093277530142"

You can represent the same key with 12 words from the 1626-word dictionary that look something like this:

"teacher stood harm peel serve stir doubt position glance house lick won"

It turns out that they are IDENTICAL and can be converted from one form to the other.

I was surprised when the author first told me this:

770A8A65DA156D24EE2A093277530142 and "teacher stood harm peel serve stir doubt position glance house lick won" (chosen from the 1626-word dictionary)

are IDENTICAL

I was amazed when I first saw this. The second one is much easier to remember, but the second one can be converted to the first one using a simple function.

Amazing

but true

The programmer was using this technique so the user won't have to remember something like "770A8A65DA156D24EE2A093277530142" but something like "teacher stood harm peel serve stir doubt position glance house lick won", and the program will recover the key, as these words can be converted back to "770A8A65DA156D24EE2A093277530142".

It's only a fallacy of the human brain to think that dictionary words from a small 1626-word dictionary (chosen randomly) are weaker, as the human brain can't comprehend that they are equal in this case (128-bit key).
Last edited by evilthought2 on Mon Jan 13, 2014 6:25 am, edited 1 time in total.
evilthought2
 
Posts: 164
Joined: Sun Apr 28, 2013 5:05 am

Re: Dictionary words vs Random Gibberish

Postby Lars » Mon Jan 13, 2014 6:24 am

The characteristics that made "momof3g8kids" and "Oscar+emmy2" easy to remember are precisely the things that allowed them to be cracked. Their basic components—"mom," "kids," "oscar," "emmy," and numbers—are a core part of even basic password-cracking lists. The increasing power of hardware and specialized software makes it trivial for crackers to combine these ingredients in literally billions of slightly different permutations. Unless the user takes great care, passwords that are easy to remember are sitting ducks in the hands of crackers.

From the Ars Technica article.
Lars
 
Posts: 2577
Joined: Wed Jul 14, 2010 10:48 pm
Location: So Cal

Re: Dictionary words vs Random Gibberish

Postby evilthought2 » Mon Jan 13, 2014 6:33 am

Lars Wrote:
The characteristics that made "momof3g8kids" and "Oscar+emmy2" easy to remember are precisely the things that allowed them to be cracked. Their basic components—"mom," "kids," "oscar," "emmy," and numbers—are a core part of even basic password-cracking lists. The increasing power of hardware and specialized software makes it trivial for crackers to combine these ingredients in literally billions of slightly different permutations. Unless the user takes great care, passwords that are easy to remember are sitting ducks in the hands of crackers.

From the Ars Technica article.


The key is that the words from the dictionary have to be chosen randomly -- humans should NOT pick them. They are still easy to remember even if you pick the words randomly with software.

In any case, see my last post. 12 words from a 1626-word dictionary can represent the entire 128-bit AES key space, as the Electrum bitcoin software does. Both have the same number of possibilities.

What that means is that if you generate a random 128-bit AES key, you can represent that key with 12 words from a 1626-word dictionary:

2^128 = 3.4028236692093846346337460743177e+38
1626^12 = 3.4154387002817342781797097590636e+38

Just like you can convert a binary number to a decimal number, and a decimal number to a hex number, you can convert a 128-bit number to 12 words from a 1626-word dictionary for humans to remember easily.

That will not make it less secure, as the number of possibilities has not changed. Again, it's the human brain that can't comprehend this fact and automatically assumes it must be weak because these are all words, but it's still the same 128-bit AES key represented as words!
Last edited by evilthought2 on Mon Jan 13, 2014 6:38 am, edited 1 time in total.
evilthought2
 
Posts: 164
Joined: Sun Apr 28, 2013 5:05 am
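The two arithmetic claims in this thread (the first post's "possibilities" counts, and the later posts' claim that 12 words from a 1626-word list cover the 128-bit key space) can be checked in a few lines. The block below is an added example, not code from the thread and not Electrum's code: it converts a key to words and back with a plain base-1626 positional encoding (the actual Electrum mnemonic uses its own scheme, and its real word list is not on this page, so a constructed stand-in list of 1626 unique tokens is used). The entropy figures it computes hold only when every word is drawn uniformly at random by a generator; a person picking words from the list gets far fewer bits, which is the gap between the two posters' positions.

```python
# Added example (not from the forum thread or from Electrum): passphrase
# entropy arithmetic plus a round-trip between a 128-bit key and 12 words
# drawn from a 1626-entry list using plain base-1626 positional encoding.
import math


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Bits of entropy in `length` symbols chosen uniformly and independently
    from an alphabet of `alphabet_size` symbols (log2 of the search space).
    Valid only for machine-random selection, not for words a person picks."""
    return length * math.log2(alphabet_size)


def seconds_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Time to try every candidate in a search space of 2**bits."""
    return 2.0 ** bits / guesses_per_second


def words_needed(dict_size: int, key_bits: int) -> int:
    """Smallest n such that dict_size**n >= 2**key_bits (exact integer math)."""
    n, space = 0, 1
    while space < 2 ** key_bits:
        space *= dict_size
        n += 1
    return n


def key_to_words(key: bytes, wordlist: list) -> list:
    """Write the key as a base-len(wordlist) number, most significant word first.
    Every key of this length maps to exactly one word sequence and back."""
    base = len(wordlist)
    n = int.from_bytes(key, "big")
    count = words_needed(base, len(key) * 8)
    digits = []
    for _ in range(count):
        n, idx = divmod(n, base)
        digits.append(wordlist[idx])
    assert n == 0  # the key fits in `count` base-`base` digits by construction
    return digits[::-1]


def words_to_key(words: list, wordlist: list, key_len: int) -> bytes:
    """Inverse of key_to_words: evaluate the word sequence as a base-N number."""
    index = {w: i for i, w in enumerate(wordlist)}
    n = 0
    for w in words:
        n = n * len(wordlist) + index[w]
    return n.to_bytes(key_len, "big")


# Constructed stand-in for the 1626-word Electrum list (which is not on the
# page); only its size and the uniqueness of its entries matter here.
WORDLIST = [f"w{i:04d}" for i in range(1626)]


if __name__ == "__main__":
    # The numbers the thread argues about, as bits of entropy.
    print("15 random printable chars :", round(entropy_bits(96, 15), 1), "bits")
    print("16 random printable chars :", round(entropy_bits(96, 16), 1), "bits")
    print("10 words from 3000        :", round(entropy_bits(3000, 10), 1), "bits")
    print("4 words from 3000         :", round(entropy_bits(3000, 4), 1), "bits")
    print("12 words from 1626        :", round(entropy_bits(1626, 12), 3), "bits")
    print("words to cover 128 bits   :", words_needed(1626, 128))

    # Round-trip the key quoted in the thread through the stand-in word list.
    key = bytes.fromhex("770A8A65DA156D24EE2A093277530142")
    words = key_to_words(key, WORDLIST)
    print(" ".join(words))
    print("round trip ok:", words_to_key(words, WORDLIST, len(key)) == key)

    # Exhaustive search time at a constructed rate of 1e12 guesses/second.
    years = seconds_to_exhaust(entropy_bits(1626, 12), 1e12) / (365.25 * 86400)
    print(f"exhaust 12-word space at 1e12/s: {years:.3g} years")
```

The exact 1626-word Electrum list does not change the arithmetic: any bijection between 128-bit keys and 12-word sequences preserves the search space, so the words are exactly as hard to guess as the key they encode, provided the key was generated randomly in the first place.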

Re: Dictionary words vs Random Gibberish

Postby Lars » Mon Jan 13, 2014 6:36 am

A cracking system doesn't care if the words in your dictionary-based password are chosen at random or not.
Lars
 
Posts: 2577
Joined: Wed Jul 14, 2010 10:48 pm
Location: So Cal

Re: Dictionary words vs Random Gibberish

Postby evilthought2 » Mon Jan 13, 2014 6:40 am

Lars Wrote:A cracking system doesn't care if the words in your dictionary-based password are chosen at random or not.


I think you are really having a hard time comprehending what I posted.

Cracking a 128-bit AES key and 12 words from a 1626-word dictionary have exactly the same level of difficulty, as the number of possible combinations is exactly the same. Please go back and read my last post.

Your post confirms that the human brain can't comprehend this and automatically assumes 12 random words (from a 1626-word dictionary) are weaker than a 128-bit AES key when they are identical.
evilthought2
 
Posts: 164
Joined: Sun Apr 28, 2013 5:05 am
