home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
ARM Club 3
/
TheARMClub_PDCD3.iso
/
programs
/
misc
/
rndpass
/
!RNDpass
/
!Tips
< prev
next >
Wrap
Text File
|
1998-08-15
|
8KB
|
153 lines
Choosing a good pass phrase (Contributed by Nat Queen)
******************************************************
Why do we speak of a 'pass phrase' instead of a 'password'?
-----------------------------------------------------------
When many people are asked to choose a password, they select some common
word or name. This can be cracked easily by a 'dictionary attack', i.e. a
computer program that uses a dictionary to try all possibilities. Many such
programs exist. They are sometimes used by people who have forgotten their
own password. But a password that can be recovered in this way is weak. It
can be recovered just as easily by anyone else who may gain access to your
encrypted data.
A somewhat stronger type of 'password' is one which is not a real word, and
perhaps even includes some numbers or other special symbols, if these are
allowed by the software that you are using. Although this is safe from a
classical dictionary attack, it can be cracked by a brute-force attack, i.e.
a program that simply tries all possible sets of characters until it finds
the right combination. Of course, the longer the password, the more
difficult such an attack becomes. Suppose, for example, that 50 different
characters are allowed in the password. Then if you add one extra character
to an existing password, a brute-force search for the correct password would
be expected to take 50 times as long.
Many Unix systems, for example, accept logon passwords of up to eight
characters. Logon passwords for ISPs are usually similar. Unfortunately,
such passwords are rather weak and are easily attacked. You should certainly
use longer passwords if your software allows this.
Documents on PGP and some other encryption software always speak of pass
phrases, rather than passwords, in order to stress that they can be of any
reasonable length, consisting of *many* words or groups of characters,
separated (optionally) by spaces.
How strong should a pass phrase be?
-----------------------------------
The pass phrase is by far the weakest part of many cryptosystems, at least
for many users, who use a weak pass phrase in practice. If an attacker wants
to read a typical user's encrypted messages, it would be far more efficient
to try to crack the pass phrase than to attempt any real cryptanalysis. This
is why it is very important to choose a good pass phrase.
Even for powerful organisations like government agencies with huge computing
resources, it would be most cost-effective to try to crack the pass phrase.
It is often said that the simplest technique for gaining access to encrypted
data is the 'rubber-hose attack' (beating the victim, or using other
methods of torture, until the pass phrase is revealed). Another such
technique is to plant an electronic bug or a hidden program in the user's
computer, to capture all the keystrokes. Alternatively, without even any
physical access to a computer or its user, a serious attacker can monitor,
from a distance, the electronic emissions from the computer and thereby
record the pass phrase. This is known as a 'Tempest attack'. It's not easy
to guard against any of these possible attacks. But you probably do not need
to worry about them, unless you are a serious target of government
investigations, or if you live under an oppressive regime.
It makes sense to choose a pass phrase which is equal in strength to the
cryptosystem being used, since any such system is only as strong as its
weakest link. This document explains some simple tricks which can help to
achieve that goal.
How can I choose a strong pass phrase?
--------------------------------------
In general terms, the aim should be to create a pass phrase that is easy to
remember and to type when needed, but very hard for anyone else to guess,
even for someone who knows you well. It should also be long enough to make
any dictionary attack or brute-force attack impractical.
One well known method is to select, by some random process, a set of words
from a dictionary. This technique is sometimes called 'diceware'. This is
what !RNDpass does.
With a dictionary as large as the one included in !RNDpass, a pass phrase
consisting of 6 or more random words is likely to withstand any conceivable
attack, because of the enormous number of possible combinations, especially
if it's modified in some unpredictable way to prevent a pure dictionary
attack.
Some simple tips for 'distorting' a pass phrase are described below. If they
are applied with a little ingenuity, they will work well even if the user
starts with a 'normal' pass phrase in plain English (instead of random
words, as given by !RNDpass) and distorts it in such a way that it becomes
quite unpredictable.
A few special methods of doing this can be automated in !RNDpass, as an
option. 'Random' (computer-generated) distortions of a pass phrase
consisting of normal words are undoubtedly more secure than distortions
added by hand in an intuitive manner, but it may take more effort to
remember them.
How can a 'normal' pass phrase be distorted to make it stronger?
----------------------------------------------------------------
• First of all, you may start with either a set of random words like those
generated by !RNDpass (more secure, but harder to remember) or a meaningful
sequence of words (less secure, but easier to remember). If you choose the
latter approach, do not use any famous quotations, proverbs or sayings. All
these exist in dictionaries, including some in electronic form, which can be
used for cracking purposes. One possibility would be to select a phrase from
a book at random, preferably avoiding any complete sentence. Try to avoid
phrases with a conventional, predictable grammatical structure. If
necessary, replace some words with silly, unexpected words.
• When 'distorting' a 'normal' pass phrase, it is best to avoid the use of
only dictionary words, in order to foil any possible dictionary attack.
• You can use non-alphabetic characters, such as numbers or any other
symbols on your keyboard. These can be inserted in unexpected places. For
example, you can change the word 'computer' to 'c0mputer', '98%computer', or
'comput#'. The use of additional characters can increase the number of
possible pass phrases enormously, without making them much harder to
remember. It is best to put them in unexpected places. An attacker may
guess, for example, that you replaced 'o' by '0'.
• Pass phrases in many programs, such as PGP, are case-sensitive. This means
that it is a good idea to mix upper and lower case. For example, 'computer',
comPUTer and COMPUTER would all be treated as distinct.
• If you know any words from foreign languages, you can include some in your
pass phrase.
• You can invent your own nonsense words, like the famous word 'jabberwocky'
coined by Lewis Carroll.
• You can create completely meaningless 'words' consisting of apparently
'random' characters, but which are easy to remember. For example, 'ilro'
might stand for 'I love RISC OS'.
• Bear in mind that you can use any printable ASCII characters, not just the
ones that appear on the keyboard. For example, the copyright symbol © can be
obtained by holding down the ALT key, typing 169 on the numeric keypad, and
then releasing the ALT key. Details of how to get all such characters can be
found in your computer's User Guide.
• You can disguise dictionary words by using strange and unexpected
spellings. For example, the word 'computer' can be changed to 'komputta'.
• Dictionary words can also be hidden by using extra spaces, or omitting
spaces, as in 'com puter' or 'Acorncomputer'.
• The techniques suggested above become even more effective when used in
combination. An example might be the 'word' 'MY2c0mputas@home'.
A final word of advice: Whatever you do, don't ever write down your pass
phrase or store it in any computer file. If you do, it's asking for trouble.
Your pass phrase should exist only in your head!