# Re: Paper & pencil password algorithm

James Taylor wrote:
David Eather <eather@xxxxxxxxxx> wrote:

James Taylor wrote:

Well the idea I described earlier in the thread was to initialise a
random number generator using a keyed hash of the website name. I think
I'll be fairly safe using even a simple random number generator given
that the output is fairly short, so it's just the hash function I still
need. It has to output very different results for small changes in the
input string.
this is my last thought on this. I think this is possible given the
constraints of pencil and paper. The method does need further checking.

Firstly, thanks very much for having a go at this for me. You were the
first to present a concrete algorithm with a worked example I can
follow, and the closest so far to the solution. Sorry, I took so long to

encode the name of the web site with a variant of the NKVD cipher.
Repeating the website name as often as necessary to get the required
length (12 in this example). Use numbers directly, alpha and "." encoded
as in the table below and any other char ("/", "-", "_")encoded as "?" (69)

0123456789
+----------
|at one sir
2|bcdfghjklm
6|pquvwxyz.?

My understanding is that this device is called a "straddling
chequerboard", at least that's what Wikipedia calls it. I couldn't find
any specific reference to NKVD cipher.

The cipher was originally used the Russian Nihilist movement who did not use the single digit encoding of 8 letters to represent the most common letters. The NKVD then used this cipher and by 1940 it had the property you see now - the 8 most common letters are encoded as single digits. The type of cipher is technically described as a straddling
chequerboard.

"citibank.com" becomes 218182004276

Ok, I see. But I think the final 6 is extraneous, right?

Yes.

encode your password the same way (or use a number directly)

"money" becomes 293456629345

create a checksum of the website number by adding all the digits together.

2181820042768213 ("citibank.com") is 41

Shouldn't there be a 29 on the end?

"citybank" to 12 digits is 218182004276 - the checksum is 41. I was screwing around with a computer program using different lengths - as you can see I was not entirely successful in posting just 1 version.

The checksum is a nice touch. This should result in quite different
output for sites that start the same but end differently, which is
important for this application. However, simply summing the digits will
not pick up transpositions of characters. For example, secret-cam.com
and secret-mac.com would give the same checksum, and thus almost the
same password would result. So I think we need a different checksum
function.

The simplistic function that does that is called the Fletcher's checksum
http://en.wikipedia.org/wiki/Fletcher%27s_checksum
I weighed the complexity against how often such a situation as the one you describe occurs in real life and decided that it is too complex to do by hand for the benefit it provides. How many of the websites you now use cause this problem?

repeat the checksum to the desired length i.e. 414141414141

add all the digits to give your website password (truncate the result if
there is a carry in the MSD)

218182004276
293456629345
414141414141
------------
925780047762

So you are adding with a carry rather than adding each digit modulo 10.
Most of the similar ciphers I've been reading about add modulo 10
without a carry. Do you happen to know whether a carry is more secure or
less secure? Perhaps the carry would bias the frequencies and allow easy
cryptanalysis.

Modern cipher may use either function - XOR is addition without carries and other ciphers use addition mod 2^x

In hand ciphers adding with addition got it's bad reputation from poor use of the Nihilist cipher where the final carry was recoded - effectively giving away some information to the unauthorised decrypter that wasn't needed by the intended recipient. It doesn't happen here because you throw away the final carry. This is addition mod 10^x.

I guess it may not matter too much for this application as long as the
final output is very different for similar sites, and each new password
for a particular site followed no obvious pattern.

for "citybank.com" - note spelling. this all becomes

218166200427
293456629345
393939393939
------------
905562223711

which is different in most digits.

Yes, it certainly looks pretty good. Thank you.

With some refinement it might just work, but we

Who's this "we" you talk about? Did I not say "this is my last thought on this". If you want to add a different checksum go ahead, but I think you will find that it is too much work and particularly too error prone to work.

certainly need to avoid
the secret-cam/secret-mac problem with a better checksum before calling

.

## Relevant Pages

• Re: Paper & pencil password algorithm
... random number generator using a keyed hash of the website name. ... Repeating the website name as often as necessary to get the required ... create a checksum of the website number by adding all the digits together. ... The checksum is a nice touch. ...
(sci.crypt)
• Re: encryption with pi
... > n'th digit of Pi can be done in constant time (without ... The algorithm is quite fast. ... > million digits of Pi is TRIVIAL. ... the fact that the keyspace of the cipher,, ...
(sci.crypt)
• Re: Excel VBA Macro to input data on website - problem with HTML language
... Im using the code below to successfully log on a website with username ... input boxes, each with 4 digits, the 5th with 3 digits. ... Once I know what it is, I can usually work out how to access it from ...
(microsoft.public.excel.programming)
• FLOSS-friendly websites
... I recieved a notification that my car tax ... and it said that I could use the website to do it. ... so I did and expected problems. ... OK, there were a couple of niggles, fields not showing all of the digits ...
(uk.comp.os.linux)
• Re: proposal for a BOFH holiday
... digits made me think of creating a new holiday to be observed on April ... Take down a website or two. ... -- Lionel, about his owner, in the Monastery ...