author | Kaz Kylheku <kaz@kylheku.com> | 2022-10-18 08:13:22 -0700 |
---|---|---|
committer | Kaz Kylheku <kaz@kylheku.com> | 2022-10-18 08:13:22 -0700 |
commit | 83c137c45b02652d4d14f7bd48f43b218f57ad47 (patch) | |
tree | bbcd2574da36ea431d7e16dd512c6b62ef1a9cb1 | |
parent | b852f5182bebd235c4becb5f18e4395b8fc475ca (diff) | |
README: expand password security section.
* README.md: Strengthen the wording of the disclaimer;
add cautionary information. Add section discouraging use
as a digest.
-rw-r--r-- | README.md | 52 |
1 files changed, 48 insertions, 4 deletions
@@ -81,14 +81,58 @@ trillion). This is about the size of the space of strings consisting of all combinations of 10 lower-case English letters, plus one more character chosen from a set of five. +It's also similar to the size of the space of all strings of 6 printable ASCII +characters followed by a digit. + It is also about the number of combinations expressed by a 49 bit integer. -A random string in this space has about that many bits of entropy. +A random string in these space has about that many bits of entropy. ## Are JP-Hash digests secure for password use? -JP-Hash is not advertised as being for a specific purpose. In a security -setting, each user must perform their own analysis to understand the security -risks of using any tool in certain ways and with certain inputs. +JP-Hash is not being promoted as being fit for any specific purpose. In a +security setting, each user must perform their own analysis to understand the +security risks of using any tool in certain ways and with certain kinds of +inputs, in relation to the value being protected. The user assumes all risk. + +The following cautionary remarks are provided, with the understanding +that they do not constitute a complete, discussion: + +* If a JP-Hash is being used as a password, the most prudent assumption is that + any attacker knows this, and is specifically attacking the space of possible + JP-Hashes (which, at 49 bits of entropy, is not very large). + To assume that the attacker doesn't know about JP-Hash is "security through + obscurity". + +* If the attacker knows that JP-Hash is being used as a password, + which must be assumed, then weak passwords are vulnerable, in spite + of generating "strong-looking" JP-Hash strings. + Example: the JP-Hash `Kera%bage9kerya` appears to be of similar complexity to + `Jasho1mogo?sase`. However, the former is the hash of the text `letmein`, + whereas the latter is the hash of `stark-theory-azimuth-goblet-13$17`. 
An + attacker who knows that the passwords are JP-Hashes can crack the + `Kera%bage9kerya` password by using a file of JP-Hashes of weak passwords + which will likely contain an entry for `letmein`, or, failing that, by a + brute force search up to the space of lower-case strings up to seven + characters long. + +* A JP-Hash used as as password must be also be regarded as an ordinary + password from the perspective of attacks which are oblivious to the + existence of JP-Hash. JP-Hashes are of variable length and may be as short + as eight characters. For instance `ai9ue/ou` is a possible JP-Hash which + looks like a short password compared to than `kyobyun9jakyu/choko`, and will + succumb to a brute-force search of the eight-character space. + +* Converting, to a JP-Hash, a password phrase which has significantly more that + 49 bits of entropy constitutes a degradation of security independently of all + other considerations. + +## Are JP-Hash digests secure message digests? + +* JP-Hash obviously contains too few bits to be suitable as a message + digest for security purposes. It's possible that it may be used as + an integrity checksum, perhaps comparable to a CRC48. However, it is produced + by a slow, wasteful calculation whose result has undesirable properties like + variable length. ## Example Hashes |
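Review bot: Several wording slips in the added README text should be fixed before this lands. In the entropy paragraph, "A random string in these space" needs either "this space" (as before) or "these spaces". In the cautionary list, "do not constitute a complete, discussion" has a stray comma, "A JP-Hash used as as password must be also be regarded" doubles both "as" and "be", "compared to than `kyobyun9jakyu/choko`" should drop "than", and "significantly more that 49 bits" should read "more than". In the `letmein` bullet, "a brute force search up to the space of lower-case strings up to seven characters long" repeats "up to"; "a brute force search of the space of lower-case strings up to seven characters long" says the same thing. The same bullet states the space of JP-Hashes as "49 bits of entropy", while the paragraph above it says "about" that many bits; consider keeping "about" in both places. Finally, the new "Are JP-Hash digests secure message digests?" section is a single bullet, and it would read better as a plain paragraph, like the opening of the password section.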