Loading…

		

		
		
		
		
		

	
						
		
			

				
				

					
					
Encryption Passwords

				

				
				

					


	
How to Choose a Good Password


	


		

			Nothing seems to be simpler than password – just choose a word and keep it secret.
			Unfortunately, it is not always as simple as that. While choosing a password is
			certainly not rocket science, you still need some basic understanding in order to be sure
			that your password is “good” and is not just a nice surprise for any would-be hacker.
		



		
How long should it be?


		

			Ciphers use binary keys, not text passwords. Encryption programs, such as Kryptel,
			use special technique (called hashing or digesting) to convert a user-supplied text
			password into a binary key suitable for encryption. So the first question is: how long
			should a password be in order to produce a good encryption key?
		


		

			For example, if your password is one letter long, then there are only 26 possible
			passwords. No matter how strong the underlying cipher is, that kind of encryption could
			be broken in minutes. The total strength is determined by the strength of the weakest
			link, and one-letter password is pretty weak.
		


		

			Modern ciphers typically use 128-bit keys. Some ciphers use longer keys – 192 bits,
			256 bits, or even longer, but 128-bit key is considered sufficient because it is impossible
			to break a 128-bit key by trying every possible key (this method is called “brute force
			attack”). In order to make brute force attack inapplicable we need to know how many
			password characters would be enough for a 128-bit key.
		


		


			
A bit of math (you can skip it safely)

		     
			

				When we say that key size is 128 bits, this means that there
				are 2128 possible keys because one bit can take two values and there are 128
				of them. Likewise, a one-letter password provides 26 possible combinations, two
				letters - 26*26 = 262 combinations, and a password, consisting of k letters
				gives 26k combinations. In general, the number of possible passwords is
				Sk, where S is the alphabet size, and k is the password length.
			

		     
			

				It is easy to see that a password, corresponding to a 128-bit key, should satisfy the equation
			

		    
			

				Sk = 2128
			

		     
			

				or, using logarithms
			

		    
			

				k log S = 128 log 2
			

		     
			

				hence
			

		    
			

				k = 128 log 2 / log S
			

		     
			

				If the alphabet contains more symbols, S should be increased,
				however there is a question of symbol interdependency. For example, adding capital letters
				formally makes the alphabet size equal to 52, but in practice capitalizing first letters in
				some words will not give any noticeable increase in encryption strength. Likewise,
				digits and punctuation marks are not used arbitrarily and do not strengthen encryption
				as much as one can expect from the larger alphabet.
			

		     
			

				For the sake of simplicity, we compensate for symbol interdependency by assuming
				a smaller alphabet size. The following values seem to be good conservative estimates
				for S:
			

		    
			
    
				
  • 30 if the alphabet consists of upper- and lower-case letters and punctuation marks,
    • 
				
  • 36 if the alphabet consists of upper- and lower-case letters, digits, and punctuation marks.
    • 
			

		     
			

				Using the equation for k above, it is easy to calculate
				the required password length. In order to provide enough material for a 128-bit key,
				a password, consisting of letters and punctuation marks, should be at least 26 characters
				long; if the password contains also digits, the length may be decreased to 24.
			


		


		
Recommended password size


		

			Here is a conclusion we can make from the equation above: for the highest security, use
			passwords at least 24 characters long; if security threats are not very high, 16 characters
			might be sufficient (which roughly corresponds to a 80-bit binary key).
		



		
Okay, it should be long... is that all?


		

			Not quite. A long enough password is usually all you need, but there is a pitfall that
			must be avoided. Random passwords like “RL3h2yKQsnFqUI71zWmm7ca” are not
			suited for humans because they are impossible to remember. Passwords that can be remembered
			are always based on natural language words and so are susceptible to so-called dictionary attack.
		


		

			Here is a simple example. In theory the password “Harry Potter” is not
			that bad (even if a bit short), but in reality its strength is close to zero. The first
			thing the hacker will do is trying all your personal data (such as the names of your spouse
			or your pet). The next attempt will be based on well-known word combinations
			(“Harry Potter” fits here). After that the hacker will be trying all
			possible word combinations in the hope that your password consists of several natural
			language words. While this looks like a huge task, computers can do it fast enough.
			In any case, it can be done many times faster than trying all possible passwords
			character-by-character.
		


		

			This weakness can be reduced. Even the smallest distortion of the pass phrase, or
			a punctuation mark, can make the password more resistant to dictionary attack. For instance,
			“Harry Potter” is one of the worst passwords ever, but
			“Harry*Potter” is much better. Although this does not render dictionary
			attack impossible, using non-letter characters makes it very costly. Even a single
			punctuation mark or a special character would greatly improve any password. One asterisk
			in “Harry Potter” improves it a lot, adding more special characters,
			like “=>Harry*Potter<=”, will make it pretty usable and yet easy enough
			to remember. Adding syntax errors, breaking words, or capitalizing random letters would
			completely invalidate dictionary attack, but such a password would be too easy to forget,
			so this method should be used carefully.
		


		

			Another possible weakness is an interdependency of letters. Not all letter combinations are
			valid in natural languages, and if the attacker knows that the password consists of English
			words, he may save a lot of time by not trying invalid letter combinations. There are several
			ways to prevent such an attack – mixing English and foreign words, deliberately distorting
			words, capitalizing several letters inside the words, or just increasing the password length.
		



		
The most important thing to remember


		

			It is an obvious but often overlooked fact that password is something to be remembered.
			Even a bad password that you remember is infinitely better than an excellent password that
			you have forgotten. Time changes everything, and a password, which seems impossible to forget
			now, may be completely forgotten after several years pass. A chance to forget an old password
			is very real and this danger is no less serious than a possibility of a hacker attack.
		


		

			Don't use many passwords – one, at most two, would be enough. Prefer quality over
			quantity – choose a good long password and salt it with non-letter characters to make
			it resistant to dictionary attack. Use that password constantly and don't change it unless
			it is compromised. Regular usage is the only reliable way to remember a long complex
			password for years.
		


		

			Another thing worth mentioning is that the slightest mistake makes the password invalid.
			There is no such thing as an “almost right”, or a “very close”,
			or a “virtually the same” password. A password is either right or wrong;
			there is nothing in-between. A tiny error like typing a dot instead of a comma is enough
			to make decryption impossible even if the rest of the password was entered correctly.
		



		
Advices you better not follow


		

			There are several rather common recommendations that better be avoided. The reason is that
			those recommendations are intended for access passwords and are not suitable for encryption
			passwords.
		


		

			Access passwords are used to log into, or to get access to some resource. The system
			compares the entered password with a stored copy of the right password, and either grants
			or refuses access. A lost access password can be easily recovered; forgetting it is usually
			nothing more than a minor inconvenience.
		


		

			Encryption passwords are different. Software does not keep a copy of an encryption password,
			and if the password is lost, there is no way to recover it. If the software has no backdoor
			(and quality encryption software like Kryptel, of course, has none), then a lost password means
			that your data is lost without any hope of recovery.
		


		

			Access and encryption passwords are of very different nature and should be treated differently.
			Encryption passwords are to be chosen carefully, they are usually being used for years, and
			they are too valuable to risk losing them.
		


		
Advice: Use a combination of letters and digits.


		

			Speaking in general, it is not a bad advice, but digits are hard
			to remember. An easy-to-remember sequence, like your spouse's birth date, would hardly add much
			security because it is easy to guess. However, if you have a digit sequence that you are unlikely
			to forget, and at the same time a hacker can't guess it, then use it. Otherwise it might be safer
			to avoid digits.
		


		
Advice: Try to make your passwords as meaningless and random as possible.


		

			The persons, who give this advice, usually conveniently skip over the recommendation how
			to memorize such a password. Humans are not good at remembering “meaningless and
			random” character combinations, and writing them down defeats the whole password idea.
		


		
Advice: Change your passwords regularly.


		

			This is probably the worst advice ever. It might be useful for
			an access password, but in case of encryption this is the surest way to forget your password.
			Change your encryption password often, and you are guaranteed to lose your data soon.