exploring the use of manual encryption of passwords (newbie)
From: Alex D (anon_at_anon.anon)
Date: 09/28/04
- Next message: Paul Rubin: "Re: Yahoo mail authentication protocol"
- Previous message: William Ahern: "Re: encryption/backup"
- Next in thread: jcastro: "Re: exploring the use of manual encryption of passwords (newbie)"
- Reply: jcastro: "Re: exploring the use of manual encryption of passwords (newbie)"
- Reply: Paul Rubin: "Re: exploring the use of manual encryption of passwords (newbie)"
- Maybe reply: Alex D: "Re: exploring the use of manual encryption of passwords (newbie)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 27 Sep 2004 23:03:55 GMT
Hello,
1. (Being a newbie in crypto) I am investigating some time in trying to find
an easy manual encryption scheme (i.e. no software involved other than my own
brain) to "encrypt" my passwords used on various places (websites, e-mail,
ISP, ...). I would like to encrypt the password list because the idea is to
carry them on a piece of paper that cannot be used by crackers. The idea is to
have a list of (system, password) pairs (maybe also the user id as a third
column).
Currently I am considering the use of some kind of Vigenere algorithm using a
single, private, long 10-15 digit key to generate passwords. The idea is that
the piece of paper cannot be used because the (private) key is not known; each
time I need to present a password to a system, I look up the written "key"
associated to that system, "encrypt" (!) it using the private key and
presented the result to the password entry box. When a new password is needed,
I just add the system name (URL, etc...) as a new line in my list and then add
a random string of 10-15 digits next to it; encrypting this string will be the
password fed to the system. (Analog procedure when I replace a password for an
existing system.)
To have a quick conversion using simple mathematical operations, passwords are
all-digits; should a site impose the use of alpha chars, they are added
unencrypted; the essence is the remaining string of digits.
The operation would be to do a simple modulo add of password digits and
corresponding key digit:
:123781263478 ("password")
#442348129322 (key)
=565029382790 (real password)
The idea is that anyone can see the passwords, but does not know what key is
used to generate the real password; the passwords are long enough to prevent
brute-force password cracking; using digits provides easy math operations; I
don't think statistical analysis wil help in finding the key.
2. As a sidenote, I would like to share an observation I made a while ago, I
wonder if this has already been known:
Often, keys must be arranged in grids (e.g. Playfair), then some (sometimes
relatively) complicated algorithm must be applied to transform cleartext
characters into cyphertext. Why not use this scheme: for each (plaintext, key)
character pair, draw a "vector" (x,y displacement) from plaintext char to key
char; then extend the vector in the same direction. The character found under
the resulting position is the cipher char.
example:
grid (just a simple one):
ABCDEF
GHIJKL
MNOPQR
STUVWX
YZ0123
456789
message:
thequickfox
key:
abcdefghijklm...
cipher:
X5A0S6QKRE7
Note that this is not meant to produce a solid encryption algorithm, but is a
quick visual means to convert cleartext into cyphertext without much
mindboggling or the need to write down intermediate results; it could just be
a step in some another encryption method.
Thanks for your comments,
-alex-
- Next message: Paul Rubin: "Re: Yahoo mail authentication protocol"
- Previous message: William Ahern: "Re: encryption/backup"
- Next in thread: jcastro: "Re: exploring the use of manual encryption of passwords (newbie)"
- Reply: jcastro: "Re: exploring the use of manual encryption of passwords (newbie)"
- Reply: Paul Rubin: "Re: exploring the use of manual encryption of passwords (newbie)"
- Maybe reply: Alex D: "Re: exploring the use of manual encryption of passwords (newbie)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
