• Grass@sh.itjust.works
    link
    fedilink
    arrow-up
    95
    arrow-down
    1
    ·
    edit-2
    5 months ago

    this is gold yet I don’t know anyone who would get it that I can share it with

    • Flying Squid@lemmy.world
      link
      fedilink
      arrow-up
      32
      arrow-down
      2
      ·
      edit-2
      5 months ago

      I just shared it with a bunch of people while also telling them that I didn’t care if they didn’t get it and I wasn’t going to explain it.

      They’re used to this.

      Edit: 2 of them got it. That’s pretty good for me. I’ve played to smaller crowds.

    • cm0002@lemmy.world
      link
      fedilink
      arrow-up
      94
      arrow-down
      8
      ·
      5 months ago

      I would hope so, sentences and words are some of the most secure passwords/phrases you can use

      • bjorney@lemmy.ca
        link
        fedilink
        arrow-up
        38
        arrow-down
        17
        ·
        edit-2
        5 months ago

        Words are the least secure way to generate a password of a given length because you are limiting your character set to 26, and character N gives you information about the character at position N+1

        The most secure way to generate a password is to uniformly pick bytes from the entire character set using a suitable form of entropy

        Edit: for the dozens of people still feeling the need to reply to me: RSA keys are fixed length, and you don’t need to memorize them. Using a dictionary of words to create your own RSA key is intentionally kneecapping the security of the key.

            • sus@programming.dev
              link
              fedilink
              arrow-up
              3
              ·
              5 months ago

              you memorize the password required to decrypt whatever container your RSA key is in. Hopefully.

                • sus@programming.dev
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  5 months ago

                  I think this specific chain of replies is talking about that actually… though it is a pretty big tangent from the original post

        • Jtotheb@lemmy.world
          link
          fedilink
          arrow-up
          4
          ·
          5 months ago

          Sounds like a good point, but claiming that “Words are the least secure way to generate a password 84 characters long” would be pointless.

          • sus@programming.dev
            link
            fedilink
            arrow-up
            1
            ·
            5 months ago

            and some people will try to just hold a key down until it reaches the length limit… which is an even worse way to generate a password of that length

        • shrugs@lemmy.world
          link
          fedilink
          arrow-up
          5
          arrow-down
          1
          ·
          edit-2
          5 months ago

          so you are saying 44 bits of entropy is not enough. the whole point of the comic is, that 4 words out of a list of 2000 is more secure then some shorter password with leetcode and a number and punctuation at the end. which feels rather intuitive given that 4 words are way easier to remember

          • bjorney@lemmy.ca
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            5 months ago

            No im saying if your password size is limited to a fixed number of characters, as is the case with RSA keys, words are substantially less secure

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          2
          ·
          5 months ago

          That’s why you need lots of words. (6) If you combine that with a large word list it gets very secure.

        • intensely_human@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          5 months ago

          character N gives you information about the character at position N+1

          There is no point in a password cracking attempt during which the attacker knows the character at N but not the character at N+1

          • bjorney@lemmy.ca
            link
            fedilink
            arrow-up
            1
            ·
            5 months ago

            If you know the key is composed of English language words you can skip strings of letters like “ZRZP” and “TQK” and focus on sequences that actually occur in a dictionary

      • ClamDrinker@lemmy.world
        link
        fedilink
        arrow-up
        13
        arrow-down
        1
        ·
        edit-2
        5 months ago

        While this comic is good for people that do the former or have very short passwords, it often misleads from the fact that humans simply shouldn’t try to remember more than one really good password (for a password manager) and apply proper supplementary techniques like 2FA. One fully random password of enough length will do better than both of these, and it’s not even close. It will take like a week or so of typing it to properly memorize it, but once you do, everything beyond that will all be fully random too, and will be remembered by the password manager.

      • Fillicia@sh.itjust.works
        link
        fedilink
        arrow-up
        4
        ·
        5 months ago

        The part where this falls flat is that using dictionary words is one of the first step in finding unsecured password. Starting with a character by character brute force might land you on a secure password eventually, but going by dictionary and common string is sure to land you on an unsecured password fast.

            • Zangoose@lemmy.world
              link
              fedilink
              arrow-up
              7
              ·
              5 months ago

              That’s true but in practice it wouldn’t take 60^11 tries to break the password. Troubador is not a random string and all of the substitutions are common ( o -> 0, a ->4, etc. ). You could crack this password a lot easier with a basic dictionary + substitution brute force method.

              I’m saying this because I had an assignment that showed this in an college cybersecurity class. Part of our lesson on password strength was doing a brute force attack on passwords like the one in the top of the xkcd meme to prove they aren’t secure. Any modern laptop with an i5 or higher can probably brute force this password using something like hashcat if you left it on overnight.

              Granted, I probably wouldn’t use the xkcd one either. I’d either want another word or two or maybe a number/symbol in between each word with alternating caps or something like that. Either way it wouldn’t be much harder to remember.

              • 14th_cylon@lemm.ee
                link
                fedilink
                arrow-up
                3
                ·
                5 months ago

                Troubador is not a random string

                except it is not troubador. it is troubador, ampersand, digit.

                if you know there are exactly two additional characters and you know they are at the end of the string, the first number is really slightly bigger (like 11 times)

                once the random appendix is 3 characters or more, the second number wins

                https://www.wolframalpha.com/input?i2d=true&i=Divide[Power[2048%2C4]%2CPower[256%2C3]*Power[2%2C4]*4*500000]

                and moral of the story is: don’t use xkcd comic, however funny it is, as your guidance to computer security. yes, the comic suggestions are better than having the password on a post-it on your monitor, but this is 21st century ffs, use password wallet.

                • sus@programming.dev
                  link
                  fedilink
                  arrow-up
                  2
                  arrow-down
                  1
                  ·
                  edit-2
                  5 months ago

                  if you know there are exactly two additional characters

                  this is pretty much irrelevant, as the amount of passwords with n+1 random characters is going to be exponentially higher than ones with n random characters. Any decent password cracker is going to try the 30x smaller set before doing the bigger set

                  and you know they are at the end of the string

                  that knowledge is worth like 2 bits at most, unless the characters are in the middle of a word which is probably even harder to remember

                  if you know there are exactly two additional characters and you know they are at the end of the string, the first number is really slightly bigger (like 11 times)

                  even if you assume the random characters are chosen from a large set, say 256 characters, you’d still get the 4-word one as over 50 times more. Far more likely is that it’s a regular human following one of those “you must have x numbers and y special characters” rules which would reduce it to something like 1234567890!?<^>@$%&±() which is going to be less than 30 characters

                  and even if they end up roughly equal in quessing difficulty, it is still far easier to remember the 4 random words

        • sus@programming.dev
          link
          fedilink
          arrow-up
          7
          ·
          edit-2
          5 months ago

          this assumes a dictionary is used. Otherwise the entropy would be 117 bits or more. The only problem is some people may fail to use actually uniformly random words drawn from a large enough set of words (okay, and you should also use a password manager for the most part)

        • shrugs@lemmy.world
          link
          fedilink
          arrow-up
          5
          arrow-down
          1
          ·
          5 months ago

          see, you didn’t get the whole comic. 4 words out of a dicitionary with 2000 words has more combinations then a single uncommon non gibberish baseword with numeral and puction at the end. as long as the attacker knows your method.

          a dicitonary attack will not lower the entropy of 44 bits, thats what the comic is trying to say

    • ShortFuse@lemmy.world
      link
      fedilink
      arrow-up
      13
      arrow-down
      1
      ·
      edit-2
      5 months ago

      Yeah, except for the first few bytes. PKCS8 has some initial header information, but most of it is the OCTET_STRING of the private key itself.

      The PEM (human “readable”) version is Base64, so you can craft up a string and make that your key. DER is that converted to binary again:

      /**
       * @see https://datatracker.ietf.org/doc/html/rfc5208#section-5
       * @see https://datatracker.ietf.org/doc/html/rfc2313#section-11
       * Unwraps PKCS8 Container for internal key (RSA or EC)
       * @param {string|Uint8Array} pkcs8
       * @param {string} [checkOID]
       * @return {Uint8Array} DER
       */
      export function privateKeyFromPrivateKeyInformation(pkcs8, checkOID) {
        const der = derFromPrivateKeyInformation(pkcs8);
        const [
          [privateKeyInfoType, [
            [versionType, version],
            algorithmIdentifierTuple,
            privateKeyTuple,
          ]],
        ] = decodeDER(der);
        if (privateKeyInfoType !== 'SEQUENCE') throw new Error('Invalid PKCS8');
        if (versionType !== 'INTEGER') throw new Error('Invalid PKCS8');
        if (version !== 0) throw new Error('Unsupported PKCS8 Version');
        const [algorithmIdentifierType, algorithmIdentifierValues] = algorithmIdentifierTuple;
        if (algorithmIdentifierType !== 'SEQUENCE') throw new Error('Invalid PKCS8');
        const [privateKeyType, privateKey] = privateKeyTuple;
        if (privateKeyType !== 'OCTET_STRING') throw new Error('Invalid PKCS8');
        if (checkOID) {
          for (const [type, value] of algorithmIdentifierValues) {
            if (type === 'OBJECT_IDENTIFIER' && value === checkOID) {
              return privateKey;
            }
          }
          return null; // Not an error, just doesn't match
        }
      
        return privateKey;
      }
      

      I wrote a “plain English” library in Javascript to demystify all the magic of Let’s Encrypt, ACME, and all those certificates. (Also to spin up my own certs in NodeJS/Chrome).

      https://github.com/clshortfuse/acmejs/blob/96fcbe089f0f949f9eb6830ed2d7bc257ea8dc32/utils/certificate/privateKeyInformation.js#L40

      Edit: To be specific, PKCS8 is usually a PKCS1 (RSA) key with some wrapping to identify it (the OID). The integers (BigInts) you pick for RSA would have to line up in some way, but I would think it’s doable. At worst there is maybe a character or two of garbage at the breakpoints for the RSA integers. And if you account for which ones are absent in the public key, then anybody reading it could get a kick out of reading your public certificate.

    • MehBlah@lemmy.world
      link
      fedilink
      arrow-up
      5
      ·
      5 months ago

      It the length not the content for the most part. Some keys have syntax such as leading or trailing characters.

  • wizzim@infosec.pub
    link
    fedilink
    arrow-up
    7
    ·
    5 months ago

    While the joke is funny, what is the context? Why did she post the original tweet in the first place?

    • MystikIncarnate@lemmy.ca
      link
      fedilink
      English
      arrow-up
      7
      ·
      5 months ago

      It’s lady gaga.

      If you’ve followed her at all, even indirectly, this is NOT the weirdest thing she’s done, and bluntly, the weirder stuff wasn’t justified (to the public at least).

      I’m not trying to throw shade at Gaga at all. Lady, let your freak flag fly all day long. You don’t need my permission to do it, but if you want it, you got it. Weird isn’t bad, it’s just weird.

      IMO, at this point, gaga doesn’t need a reason to be weird.