[messaging] Passphrase-based key mobility (was: Peerio)

Garrett Robinson garrett at freedom.press
Fri Mar 6 16:20:50 PST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 3/2/15 1:04 AM, Nadim Kobeissi wrote:
> We have decided to forego with user-chosen passphrases entirely,
> and to stick uniquely to the miniLock model of having a CSPRNG pick
> a high-entropy (112-bit) passphrase for users.

Cool! This has always been the SecureDrop model, although the entropy
of these passphrases is significantly higher than those of the default
length 7-word SecureDrop passphrases (~89.1 bits). We might want to
consider increasing the size of our dictionary (fairly small at 6800
words) or the default length of the passphrases; however, doing either
introduces usability tradeoffs that must be carefully considered.

The unfortunate downside is that to gain this security assurance,
you've lost the usability that was theoretically the motivator for
allowing users to pick their own passphrases in the first place.

Nadim, have you considered adding a feature to Peerio to help train
users to remember their long passphrases? Joe Bonneau (who commented
extensively on this thread) co-authored a paper [0] recently about
using spaced repetition to help people memorize high-entropy
passphrases (both more traditional "passwords" and Diceware
passphrases). It seems to me Peerio is at an interesting design
mid-point between high security and general-purpose usability that
might make this an interesting, novel, and potentially very helpful
approach.

Cheers,
Garrett

[0]
http://www.jbonneau.com/doc/BS14-USENIX-towards_memorizing_random_passwords.pdf
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJU+kRiAAoJEEZPConT75yusvQP/3Fd6qyQotr6sq5Eh0D3BC3Y
booVH5MI6AcXOpocsc1G69ZEm70RFtY8pUiEbD6pJQU4iITWCQJRE7mqJs6qMV8d
InKNK3nAJckI0rJhdVhqWI9xHjTyIyrwY1lykV9R22hZFpqicrPefpjM4xzb73Vm
zAQVyMNXuFJB6zxEuQwzGhPuqzdASUZxpNPmzNKar+M2Bmyspdv8jZostm06W9WP
Tkcfw/Dfdaq1Bd3nyqt/1kSFJOllNl0PZvf5M1X7M6dZLkRK5nZfnIeIjPENJG3/
B1MFwM3TRtjTc6Y2gIDBpdecDT1ApBWTvHHcGdb5O2qvmbCaBakeYnW/ycIeuVOr
TWPj92IDYJ5W4UK+DUcvcnQ5iuTVQ4ZEHVVePPLIjMSH8nIVsr++ij2WbLKKU6lr
AtLF4u6kLU4W7Pp7mRS8ngSVl6I+PC7IxDiVQAym8omHq27lHkd7TCM6yrusbSkj
M+ihr0tjEqXte4YSACHv5hKpi5wJefhhSY/b024K+z1AY2EBWmodbXFr1Nnkw/+r
/8TErxGpnWuf2+5kId9pHBrXK302SFGe9Zcek8KziLfuhvRAh1FT7apVDOkDMS9V
67bqMh/5+kR+a4mgcbPnbgxKTOp5ep6TcQ8dBoXQBOT+gYp5TMkyXgTjdnbQpcM9
gb7nwT0QKMTe+neceQwi
=ewTh
-----END PGP SIGNATURE-----


More information about the Messaging mailing list