Re: Memorizing a 128 bit / 256 bit hex key

On 6/19/2024 12:35 PM, Stefan Claas wrote:

Chris M. Thomasson wrote:
 

On 6/18/2024 6:55 AM, Stefan Claas wrote:

You thoughts please, gentlemen.
>
Let's say you travel and do not want to store your secret hex key on your
device and recreate it from memory.
>
What do you think about this proposal?
>
$ printf '%x' $(date -u -d '1979-01-01 12:34:56' +%s) $(date ...) 4 or 8 times.
>
One has to remember only the dates (times are optional) and then simply run the
one liner.
>
The encryption software can be downloaded when one arrives at his destination.
>

>
Generate a hex key from a password? It seems like my site can do it:
>
http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1?ct_hmac_cipher=2bf63f8ee90dfed997b115aa711600c45a8212a1e35f4f75ccfa36ee459b3fedd8b5f477ebb8871dd94025e7731f39cf7650f864fd6d5ce6908bb2609f96e81a413ccf40b33380a569155cb79612def387c76dd1ae436bcb4fb8c9b959be255708d020d559e07492ba24aae3705ba700a5d9c857418a0050d9ad5935efbfc36b895329cabeacbc7cefdee04834b4d392e50501c55587361bd6ca7337083fcd16ddf95d50072ea61cf2aaeb45d4d676abf93d39ad0a386399d55f2d0dba6be91521068f1120573e96aa1d81362e62f91bf88f63fe159175c13a1abec4184aae1cadfe2e18be27cac0fbefbae0c57cec531bc71e8a86d0f15a727e98bafe0239c5fd06a250e7f6
>
It encrypts a key using the default password. The key is generated using
the same program. This example basically generates a key using the
default password, then encrypts said key using a different password.
>
Everybody can decrypt the generated key because the ciphertext in the
link uses the default password:
>
https://i.ibb.co/BybrYDw/image.png
>
The plaintext is:
>
A key:
>
f65952b125ba6860e21aef9c55e69e0612b153e5fd2599ac00b67945f9bec7563d5edf8bf9fa0db27aeb78b0c8f40f0a6a69b2cd720d59ecc73a01c1ccad0933cfe9e014dda35db6eaba760c9dbdff0f4ad24c5b702baab8e225189179b8bd

 Your site says it does key generation from 64 random bytes. How do you remember the key
when traveling, with no device? Or how can you trust your site, when your are on annual leave, out of your country, and some bad boy customized your site?
 

Well, yeah. Shit. Sorry what I wrote does not solve your problem. The problem is on my end for your specific goal. The issue is is that each time you click encrypt on my site, it will generate a new ciphertext even if the plaintext is the same. I take it that this is not what you are looking for! Am I right that you want the same ciphertext generated for each encryption? A password creates a unique key, in the form of the generated ciphertext?
Fwiw, my online program needs to use an actual TRNG to follow my rules here:
http://funwithfractals.atspace.cc/ct_cipher/
Using a TRNG for the following function in my code is ideal in:
https://fractallife247.com/test/hmac_cipher/ver_0_0_0_1/ct_main.js
___________
function ct_rand_bytes(n) {
     var output = new Array();
     for (var i = 0; i < n; ++i) {
         var byte = Math.floor(Math.random() * 255);
         output.push(byte);
     }
     return output;
}
___________
That is NOT using a TRNG, ARGH!!!