Re: Password scrambler program



yarrkov@xxxxxxxxx wrote:
On 11 March, 03:04, David Eather <eat...@xxxxxxxxxx> wrote:
yarr...@xxxxxxxxx wrote:
On 10 March, 16:29, David Eather <eat...@xxxxxxxxxx> wrote:
battles wrote:
Just for your interest/discussion. I have found a freeware program
that quickly changes a user's small, easily remembered password into a
more formidable one. You simply type in a short password into a
password box, highlight it, and then press F8 (any Fn key can be
chosen). The short password is then changed into a salted (you
provide the string to salt it with) MD5 equivalent with the ability to
choose the outcome length (8 - 32). I have a password that I always
use and alter it with the same criteria that I get from each website.
The program can be found here:
http://cdn.simtel.net/pub/simtelnet/win95/secmisc/SSOverride.zip
If the program also does what is called password stretching then it has
some value. With password stretching a source of some entropy (your
password) is sent to a hash function and hashed multiple times - 1000 is
a common number.
The program allows using a secret salt with the hash function, which
works effectively as a key.
So it calculates (basically) H(key+short_password). Finding the key
("salt") is not a trivial problem if it's properly chosen, no matter
how many hash results are known or even if the "short passwords" are
known. Brute-forcing through just possible "short passwords" is not
considered possible (with a strong hash function) unless the key is
known. Brute-force must also go through all keys. It doesn't matter
how weak your "short passwords" are if the main key ("salt") is
strong.
Salt is normally considered public. No doubt it is stored somewhere as
unencrypted data, and so not helping at all against some types of attack.

It is only stored locally, I did say "salt" because I'm not sure if
it's a fully accurate description in this case, key would perhaps be
more descriptive. If an attacker has access to it, you have already
lost anyway. I have trouble understanding how the concept of this
would not seem trivially obvious.

If someone is trying to brute force their way into something like a website or a bank account then the salt helps you regardless of a good or bad password. If a TLA grabs your computer and you refuse to give them the password then the salt doesn't help and you are protected only by the good or bad password. Is that a trivially obvious enough attack for you?

If you get shitty whenever you miss something then it's better you don't ask the question.



A scheme that works effectively
equivalently would be to encrypt the short password (which can as well
be the site's name, doesn't matter at all if it's known) with your
main key and use the encrypted version as a password for the site. You
can xor the encrypted version with your main password before using it
to make it a hash but it doesn't matter. And you can't make an attack
assume that the attacker has access to the key.
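Added example, not part of the thread and not the program's own code: a Python sketch of the H(key+short_password) scheme and of the seized-computer case raised in the reply, where the salt is known and only the short password (optionally stretched 1000 times) adds cost to a search. The salt, wordlist and function names are constructed for illustration, and PBKDF2-HMAC-SHA256 is an assumed stand-in for stretching, since the thread names no specific construction.

```python
import hashlib
import hmac

# Constructed sample values, not taken from the thread or the program.
SALT = "k3y-stored-on-disk-7f1c"   # the locally stored "salt"/key
WORDLIST = ["letmein", "dragon", "fluffy", "monkey", "qwerty"]


def _check_length(length):
    if not 8 <= length <= 32:
        raise ValueError("length must be between 8 and 32")


def scramble(salt, short_password, length=16):
    """One salted MD5, hex-encoded and cut to 8..32 characters."""
    _check_length(length)
    return hashlib.md5((salt + short_password).encode()).hexdigest()[:length]


def scramble_stretched(salt, short_password, length=16, rounds=1000):
    """Stretched variant (assumption: PBKDF2-HMAC-SHA256, 1000 iterations)."""
    _check_length(length)
    dk = hashlib.pbkdf2_hmac("sha256", short_password.encode(),
                             salt.encode(), rounds)
    return dk.hex()[:length]


def guesses_to_match(target, salt, candidates, derive, rounds=1):
    """Try each candidate with the given salt.

    Returns (password or None, guesses made, hash iterations spent).
    """
    for n, cand in enumerate(candidates, 1):
        if hmac.compare_digest(derive(salt, cand), target):
            return cand, n, n * rounds
    return None, len(candidates), len(candidates) * rounds


if __name__ == "__main__":
    site_pw = scramble(SALT, "fluffy")
    stretched_pw = scramble_stretched(SALT, "fluffy")
    # Salt known (disk seized): only the short password stands in the way.
    print(guesses_to_match(site_pw, SALT, WORDLIST, scramble))
    # Salt unknown: the same wordlist finds nothing.
    print(guesses_to_match(site_pw, "wrong-salt", WORDLIST, scramble))
    # Stretching multiplies the cost of every guess by the round count.
    print(guesses_to_match(stretched_pw, SALT, WORDLIST,
                           scramble_stretched, rounds=1000))
```

Stretching does not change how many guesses are needed, only what each one costs, so it helps most when the salt is exposed and the short password is all that is left.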