[messaging] "Pseudoword" base32 fingerprints

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Feb 6 17:24:44 PST 2014

On 02/05/2014 06:09 PM, Joseph Bonneau wrote:
> Good project idea Trevor. There are a lot of related tools which aim to
> make random pronounceable passwords. Two for Linux are:
> pwgen: zae7IiB7 phoosu1U Hu5meed8 aeY4eeGu oht6ax9M aD4taur4 Ohpai5sh
> sheiGah8
> apg: odripAbag6 (o-drip-Ab-ag-SIX) AzMykUpt3opo (Az-Myk-Upt-THREE-op-o)

pwgen is pretty deeply flawed, if the discussion on oss-security is to
be believed:


I haven't reviewed apg with any of the approaches described in the above
thread, but i've also seen other (non-published) "pronouncable" password
generators that were similarly flawed from an entropic/cracking perspective.

> In general, I think it would nice to have a library for turning random bits
> into "human-friendly form". This might include a tradeoff for
> length/painlessness, but we would also surely get different results if we
> optimize for:
> a) easy for humans to spot differences
> b) easy for humans to pronounce/hear/type
> c) easy for humans to remember
> We would also probably end up with a different algorithm for different
> language populations...

This sounds like a major project. i don't think "length/painlessness" is
the right way of framing the tradeoff though -- in particular, i think
you'd want to use some measure of entropy or
dictionary-cracking-resistance in place of the idea of "length".  There
are lots of pronouncable schemes that provide long passwords but not
particularly high entropy :/


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1010 bytes
Desc: OpenPGP digital signature
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140206/d4312424/attachment.sig>

More information about the Messaging mailing list