Protecting your private key - passphrase

Stefan Claas spam.trap.mailing.lists at gmail.com
Thu Dec 10 16:11:02 CET 2020


Hi all,

while playing with hashcat, diceware passphrases and entropy
checkers I thought why not try to create a little program that
you can input your passphrase and it gets converted to a random
chars string (40 chars), based either on sha256+base91 or
ripemd-160 output.

The idea here is to use phrases which make no sense but
can easily be remembered and then get converted so that
you always have IMHO good random input for GnuPG.

For that task I created two little Golang programs which
ask the user to input a phrase that makes no sense and
while the user is typing in his passphrase bullets are
displayed, like in pinentry, and then the random 40 chars
get copied to the clipboard, so that users can paste
the passphrase into GnuPG.

In order that this works under Linux/Unix too you need
to install xclip or xsel and don't forget to clear the
clipboard after usage.

Example #1

Input: Alice+eats&red+stones

Output program #1: 8rW3<HnS!UCQ)83@(|t{QRR<KDhJ$`]&k(b;yJjE
Output program #2: a6a549d45f1e5c3fabfba37003541c3fa7f26d13

Example #2

Input: grüne-Füchse-fliegen#weich (= green-foxes-flying#soft)

Output program #1: $j{hDH!5m4O[9JcPVBbHLlM^]R]RJ%yJoPr:IxAD
Output program #2: 89216958ceed145dd03a6d23afa7ae93b27457e9

Example #3

Input mixed languages question: has*Bob*deutsche*ÄÖÜs?

Output program #1: fq7Mr469cU#d%uOIX?zG?:^@^y[n152_OUvp8|gB
Output program #2: 9f770781c96d72b9974421ea72b523c019714a1f

Hope you like the idea and maybe others come up with better
solutions.

Attached are the two programs as Golang source code.

Please note I am only noodling around with Golang and I am
not a programmer!

Regards
Stefan

Resources:

https://www.gnupg.org/gph/en/manual/c481.html
https://www.armourinfosec.com/password-cracking-with-hashcat/
http://passwordstrengthcalculator.com/index.php
http://rumkin.com/tools/password/passchk.php
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ep_sha256+base91.go
Type: application/octet-stream
Size: 457 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20201210/36615364/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ep_ripemd160.go
Type: application/octet-stream
Size: 453 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20201210/36615364/attachment-0001.obj>
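
The derivation the post describes for program #1 (SHA-256 digest of the phrase, then base91), as an added Go example; it is not the attached source, which does not appear on this page. It assumes Joachim Henke's basE91 alphabet and hashes the phrase bytes as typed, with no trailing newline; `derive` and `base91Encode` are hypothetical names. The output is a deterministic function of the phrase: the same input always yields the same string, usually 40 characters.

```go
package main

import (
	"crypto/sha256"
	"fmt"
)

// basE91 alphabet (assumption: the encoding meant by "base91" in the post).
const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" +
	"0123456789!#$%&()*+,./:;<=>?@[]^_`{|}~\""

// base91Encode packs the input into 13- or 14-bit groups, two characters each.
func base91Encode(data []byte) string {
	var out []byte
	var b, n uint32 // b: bit queue, n: number of bits currently queued
	for _, c := range data {
		b |= uint32(c) << n
		n += 8
		if n > 13 {
			v := b & 8191 // try a 13-bit group first
			if v > 88 {
				b >>= 13
				n -= 13
			} else { // small value: a 14th bit still fits in two characters
				v = b & 16383
				b >>= 14
				n -= 14
			}
			out = append(out, alphabet[v%91], alphabet[v/91])
		}
	}
	if n > 0 { // flush the remaining bits
		out = append(out, alphabet[b%91])
		if n > 7 || b > 90 {
			out = append(out, alphabet[b/91])
		}
	}
	return string(out)
}

// derive (hypothetical helper) maps a phrase to base91(SHA-256(phrase)).
func derive(phrase string) string {
	sum := sha256.Sum256([]byte(phrase))
	return base91Encode(sum[:])
}

func main() {
	fmt.Println(derive("Alice+eats&red+stones")) // input taken from Example #1
}
```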

