passwords! (p5)

brian carroll electromagnetize at gmail.com
Fri Nov 15 18:09:20 PST 2013


// incompleteness of completeness, additional oddity...


   if considering [password] as a bit-set instead of linear string,

   such that [p|a|s|s|w|o|r|d] could itself be variable, per bit,


   ex. [pass|word|1234|bluegreen]


   then, if a password service used this principle, instead of

   requiring just 8-12 alphanumerics plus allowed special characters

   as the basis for /security/, instead what if it was 3-4 sets instead,

   themselves having special rules...


   [set1|set2|set3|set4]


   in this way, a 'rolling password' could be developed in that

   the sequence could be arbitrary or change, given the instance

   or interaction, which may or may not include changing variables

   (months till b-day, temperature in zipcode, etc)


   in other words:


  [password]  --->  [pass][wo][r][ds]


  whereby, via its continual dynamic state, could exist in multiple

  versions by default, and then have this managed between client/server


  [1][2][3][4]  --->  [2][4][1][3]


  [pass]-[wo]-[r]-[ds]   --->   [wo]-[ds]-[pass]-[r]


  this could extend into sequences of not only alphanumerics

  through also icons (picked amongst many on the server, thus

  creating more unknowns), say choose 1 of available 20 icons,

  which is not included in stored password, nor its place in

  sequence knowable to attacker...


  [pass][icon13][wo][r][ds]   --->  [icon13][wo][ds][pass][r]


  thus a changing string made up of subsets rearranged that

  may even have non-stored variables [#], icons or other approach


       [3b]-[alphanum1a]-[5e]-[32^F]-[4d]-[icon]-[2c]

       [2c]-[3b]-[alphanum1a]-[4d]-[icon]-[67^F]-[5e]


  then the probabilities and computation is upped exponentially

  even if accessing some part of the correct code, which may not

  be reliably reused, seemingly the more subsets, more security

  from an initial attack-- thus even if one instance of passwords

  were found, they could be changed or even transformed into

  another set and detach from those lost, locking out else

  deactivating the previous versions. a lot could seemingly

  be done with this though a secure environment would be

  required which seems difficult to guarantee if not allow

  for sake of someone elses interests, known & unknown


𝓶 𝟡 𝑤
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 3068 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20131115/b7f757fe/attachment-0001.txt>


More information about the cypherpunks mailing list