Re: Using Diceware, BIP39 and leetspeak for Argon2id keys

Rich wrote:

Stefan Claas <pollux@tilde.club> wrote:

Rich wrote:

Then do an actual "memory test".  Try to memorize it, then give yourself
varying lengths of time between not 'remembering' it to see how well
you can retain the random words.

 
Ok. I will do.
 

I predict you'll find that without periodic refreshment, that after an
unexpected short time, you'll have mis-remembered at least one word or
the order of at least one word.

 
Well, what would you suggest then,

 
Dicewords, etc. are good, and have usefulnesses, but are not a panacea.
 
For some individuals with better memory ability, they will work well. 
For a fairly large group of "general people" they will be ok provided
they get periodic refreshing (i.e., usage, to reinforce the memory). 
And for some subset of "general people" they won't be able to remember
even six dicewords in their native language accurately the very next
day.
 
The solution, as Bruce Schriber has stated, is to "write them down" and
store the slip of paper in some reasonably secure manner (one of his
recommendations was on one's wallet).  Naturally if dealing with
spycraft and border searches then this changes radically, but for that
usage all but the worst subset of memories could likely replay six dice
words in their head just long enough to make it through a border
crossing search (to be written down again on the other side of the
border).
 
They *very much* do improve over asking a human to remember something
like (this is just the md5sum of 1k of /dev/urandom data):
 
038d71180f7880dca1125e160e1258df
 
But for all but the, say, top 10% of memory ability folks, they will
need to be "using" the diceword phrase on a fairly regular basis to
have any hope of remembering them long term. 
 

Beyond the few 'memory savants', most human memories, without periodic
refreshing, are quite lossy.  More like DRAM than SRAM.

 
Well, then old school saying: practice makes perfect.

 
For all but the bottom 10% of memory ability folks, likely yes, but
they do need a reason to 'practice' the phrase.  Without that practice
they will have it quickly slip their mind.

Ok, understood. Another approach without diceware.
Your thoughts please, gentlemen.

I will use four programs Argon2id, eh (Eurasia-Hasher (one can use the
SHA families instead)) p2m (password to mnemonic) and leetspeak. This
approach should allow many variations, because users can easily repeat
steps, mix them etc. One only has to remember his password/passphrase
(and a salt), like he usually does and variable steps, which should be
IMHO easy to remember.

$ argon2id -p mypassword -s mysalt
0d6cffc82dd3ccd149a3228d1a08cb1007b67cf4ad8c28083665f834478360d0

with leetspeak

$ argon2id -p mypassword -s mysalt | leetspeak
0d6cffc82dd3ccd14943228d1408c81007867cf44d8c28083665f834478360d0

$ p2m -password 0d6cffc82dd3ccd14943228d1408c81007867cf44d8c28083665f834478360d0
24-word mnemonic:
public tragic scan you once possible census drink fossil dragon surround
hammer joke position conduct easy zebra behave april tower couple duck
portion cube

Entropy (hex):
ad1cdf00ff99a9510952185be8436a34478550cbb22eff828c2bf3131287aa11

$ echo ad1cdf00ff99a9510952185be8436a34478550cbb22eff828c2bf3131287aa11 | eh -sm3
11424cb7f3a1fbd806283f23dac38cc067dfa560e99cc18126647ef65b12a8d0
(this hash sum is done with the chinese SM3 hash algo)

So, now I have a deterministic 256 bit key, from the last step.
(11424cb7f3a1fbd806283f23dac38cc067dfa560e99cc18126647ef65b12a8d0)

Like I said one can mix and repeat or omit steps to his heart content,
without remembering Diceware passphrases, while others can use Diceware.

I guess this is now a more flexible approach.

--
Regards
Stefan