Security Basics mailing list archives
Good design for a Algorithmically Derived Passphrase for FDE (?!)
From: ManInWhite <maninwhite () tpg com au>
Date: Sun, 18 Nov 2007 15:21:44 +1030
Hi List,

I have been tasked with deploying partition based encryption for our fleet of laptops. It has been suggested that we use an algorithm derived passphrase based on some unique hardware number. [ HDD Serial# / Laptop Serial# ] (Is this the correct terminology?)

Does anybody have any suggestions or corrections on what kind of function I should use to generate the passphrase?

I was thinking something like:

-- Generate Pseudo Hash --
Unique Serial# = x
f(x) = Ax^3 + Bx^2 + Cx + D (mod p)
A, B, C, D are 'magic' numbers and p is prime

-- Translate Pseudo Hash into Passphrase --
num1 = f(x) mod 239
num2 = f(x) mod 241
num3 = f(x) mod 251
Look up num1, num2, num3 in word table, output passphrase

Example:
nb: Mathematica syntax, from testing
A=34, B=12, C=-10, D=40, p=Prime[106+105], serial#=5864353

    fhash = Mod[(34 #^3 + 12 #^2 - 10 # + 40), Prime[106+105]] &
    Table[Mod[fhash[5864353], p], {p, {Prime[52], Prime[53], Prime[54]}}]
    {9, 128, 160} -> "angry red kangaroo"

Sample Runs:

    In= Table[Table[ Mod[fhash[n], p], {p, {Prime[52], Prime[53], Prime[54]}}], {n, 433565, 433610}]
    Out= {{188, 228, 178}, {134, 208, 95}, {108, 234, 133}, {188, 48, 126},
     {163, 85, 212}, {237, 67, 93}, {136, 198, 224}, {1, 210, 122},
     {162, 46, 110}, {219, 171, 22}, {200, 56, 247}, {70, 146, 236},
     {33, 163, 193}, {230, 80, 137}, {35, 81, 140}, {4, 149, 36},
     {165, 237, 214}, {5, 67, 125}, {206, 84, 224}, {16, 10, 213},
     {54, 59, 111}, {172, 174, 241}, {209, 97, 186}, {193, 22, 84},
     {89, 153, 139}, {101, 212, 53}, {131, 172, 96}, {31, 217, 89},
     {118, 89, 117}, {181, 223, 67}, {185, 100, 143}, {95, 165, 47},
     {52, 150, 49}, {147, 239, 221}, {219, 174, 146}, {57, 149, 213},
     {104, 127, 124}, {86, 71, 83}, {207, 185, 43}, {130, 201, 23},
     {185, 62, 95}, {211, 233, 93}, {236, 185, 155}, {225, 122, 234},
     {80, 17, 98}, {131, 54, 70}}

These triples appear to be (pseudo)random.
Running it on a large range of possible serial numbers:

    In= Sort[Tally[ Flatten[Table[ Table[Mod[fhash[n], p], {p, {Prime[52], Prime[53], Prime[54]}}], {n, 433565, 500000}]]]]
    Out = {{0, 811}, {1, 847}, {2, 805}, {3, 796}, {4, 827}, {5, 803}, {6, 793}, {7, 849},
     {8, 838}, {9, 836}, {10, 828}, {11, 835}, {12, 823}, {13, 806}, {14, 828}, {15, 820},
     {16, 819}, {17, 858}, {18, 819}, {19, 771}, {20, 834}, {21, 849}, {22, 869}, {23, 822},
     {24, 834}, {25, 815}, {26, 798}, {27, 848}, {28, 815}, {29, 853}, {30, 839}, {31, 802},
     {32, 818}, {33, 824}, {34, 846}, {35, 830}, {36, 812}, {37, 790}, {38, 834}, {39, 825},
     {40, 789}, {41, 857}, {42, 846}, {43, 850}, {44, 780}, {45, 766}, {46, 788}, {47, 787},
     {48, 819}, {49, 799}, {50, 776}, {51, 815}, {52, 867}, {53, 871}, {54, 838}, {55, 796},
     {56, 841}, {57, 791}, {58, 772}, {59, 814}, {60, 834}, {61, 838}, {62, 777}, {63, 761},
     {64, 831}, {65, 813}, {66, 790}, {67, 738}, {68, 803}, {69, 830}, {70, 851}, {71, 824},
     {72, 822}, {73, 811}, {74, 873}, {75, 797}, {76, 807}, {77, 859}, {78, 783}, {79, 791},
     {80, 810}, {81, 781}, {82, 815}, {83, 818}, {84, 795}, {85, 797}, {86, 786}, {87, 839},
     {88, 813}, {89, 799}, {90, 768}, {91, 825}, {92, 844}, {93, 799}, {94, 829}, {95, 835},
     {96, 826}, {97, 812}, {98, 802}, {99, 773}, {100, 815}, {101, 800}, {102, 831}, {103, 849},
     {104, 738}, {105, 831}, {106, 805}, {107, 820}, {108, 721}, {109, 818}, {110, 852}, {111, 845},
     {112, 826}, {113, 806}, {114, 813}, {115, 809}, {116, 809}, {117, 823}, {118, 842}, {119, 825},
     {120, 873}, {121, 800}, {122, 853}, {123, 806}, {124, 824}, {125, 788}, {126, 831}, {127, 802},
     {128, 800}, {129, 827}, {130, 833}, {131, 810}, {132, 843}, {133, 837}, {134, 820}, {135, 818},
     {136, 825}, {137, 791}, {138, 850}, {139, 807}, {140, 875}, {141, 796}, {142, 799}, {143, 845},
     {144, 861}, {145, 767}, {146, 834}, {147, 834}, {148, 825}, {149, 852}, {150, 805}, {151, 826},
     {152, 883}, {153, 804}, {154, 818}, {155, 817}, {156, 807}, {157, 805}, {158, 831}, {159, 856},
     {160, 801}, {161, 812}, {162, 779}, {163, 845}, {164, 858}, {165, 802}, {166, 804}, {167, 772},
     {168, 808}, {169, 829}, {170, 780}, {171, 828}, {172, 821}, {173, 811}, {174, 813}, {175, 824},
     {176, 787}, {177, 789}, {178, 814}, {179, 851}, {180, 778}, {181, 820}, {182, 792}, {183, 850},
     {184, 838}, {185, 792}, {186, 799}, {187, 837}, {188, 823}, {189, 848}, {190, 778}, {191, 861},
     {192, 806}, {193, 833}, {194, 772}, {195, 829}, {196, 853}, {197, 868}, {198, 807}, {199, 823},
     {200, 805}, {201, 820}, {202, 828}, {203, 796}, {204, 782}, {205, 837}, {206, 821}, {207, 790},
     {208, 839}, {209, 808}, {210, 831}, {211, 805}, {212, 826}, {213, 842}, {214, 821}, {215, 859},
     {216, 838}, {217, 841}, {218, 840}, {219, 818}, {220, 836}, {221, 848}, {222, 840}, {223, 817},
     {224, 795}, {225, 848}, {226, 781}, {227, 907}, {228, 824}, {229, 825}, {230, 783}, {231, 818},
     {232, 813}, {233, 819}, {234, 850}, {235, 822}, {236, 805}, {237, 835}, {238, 769}, {239, 540},
     {240, 535}, {241, 285}, {242, 257}, {243, 271}, {244, 258}, {245, 266}, {246, 241}, {247, 293},
     {248, 263}, {249, 246}, {250, 250}}

Except for the final few values (239 to 250), the distribution of numbers appears to be uniform.

Is this a good way of doing this? Are there any fundamental mathematical flaws in this?

I do realise that the three word passphrase may be the weak part, but there are issues with the end users remembering complex passwords or long passphrases. Ideas on strengthening this would be appreciated.

If I have any gaping holes in my logic please tell me...

MiW
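
Added example, not part of the original post: a Python re-implementation of the scheme as described (cubic modulo p, then three residues used as word-table indices), used to bound the size of the passphrase space and to show where the drop at index values 239 to 250 in the tally comes from. P is an assumed stand-in prime rather than the post's p, and the function names are illustrative.

```python
import math
from collections import Counter

# Coefficients and word-table moduli exactly as given in the post.
A, B, C, D = 34, 12, -10, 40
MODULI = (239, 241, 251)          # Prime[52], Prime[53], Prime[54]
# ASSUMPTION: stand-in prime (2**31 - 1); not the p used in the post.
P = 2**31 - 1


def fhash(serial, p=P):
    """Cubic 'pseudo hash' f(x) = Ax^3 + Bx^2 + Cx + D (mod p)."""
    return (A * serial**3 + B * serial**2 + C * serial + D) % p


def word_indices(serial, p=P):
    """The three word-table indices derived from one serial number."""
    h = fhash(serial, p)
    return tuple(h % m for m in MODULI)


def keyspace_bits(p=P):
    """Upper bound on passphrase entropy in bits.

    All three indices come from the single value h < p, and a triple of
    residues has at most 239*241*251 combinations, so the number of
    distinct passphrases is at most min(p, 239*241*251).
    """
    return math.log2(min(p, math.prod(MODULI)))


def tally(serials, p=P):
    """Count how often each index value occurs, as in the post's Tally."""
    counts = Counter()
    for s in serials:
        counts.update(word_indices(s, p))
    return counts


def producers(value):
    """How many of the three moduli can ever yield this index value."""
    return sum(1 for m in MODULI if value < m)


if __name__ == "__main__":
    t = tally(range(433565, 500001))       # same serial range as the post
    for v in (100, 239, 240, 241, 250):
        print(v, producers(v), t[v])
    print("entropy upper bound: %.1f bits" % keyspace_bits())
```

Because all three indices are residues of one value, the passphrase space is capped at 239*241*251 = 14,457,349 combinations (about 23.8 bits) however large p is. Indices 239 and 240 can only come from the mod 241 and mod 251 lookups, and 241 to 250 only from mod 251, which gives the two-step falloff at the end of the tally.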