
Passphrases: Doing Them Right

From the document Simple Steps to Data Encryption (pages 102-105)

Chapter 8 Security Practices and Tips

8.2 Passphrases: Doing Them Right

Chairman Bob announces the laws and rulings that best meet the needs of Sylvania’s citizens.”

Sam, amazed, asks, “But your Internet access is filtered--what about freedom of surfing? Don’t you want to be able to go to any web site you like?”

Bob says, “In Sylvania, Internet access is supported for furthering the arts, science, and commerce in Sylvania. Bandwidth in my country, like petroleum, is a limited resource, so we try not to waste it on memes and pictures of cats.”

“Sam, life in Sylvania is not so bad: we have our freedoms, even if it doesn’t seem that way at first glance. Our culture is different from yours, but we believe as you do in the rights of all. You will see when we arrive.” Bob, pausing to sip some coffee, adds, “Also, you should know that citizens who criticize the Sylvanian system or Sylvanian leaders are not actually executed: the usual punishment for a first offense is a 10-year term as support staff in the Sylvanian Legislature. It is punitive--Sylvanian legislators are very bad bosses--but not excessively so. Let’s get back to talking about keeping secrets, please.”

“Sam, you’ve mentioned several times that we should use strong passphrases; can you explain what you mean by that?”

maximum of 95 tries; on average you’d succeed after trying about half of all possible combinations. If it takes 1 second to try each single-character passphrase, you’d need between 1 and 95 seconds to crack it, but on average you can expect to spend about 43 seconds.”

Sam continues: “For a 2-character passphrase, there are 95 options for the first character, and each of those options can be coupled with 95 options for the second character. Total number of combinations is 95 × 95 = 9025. Now, a brute-force attack will succeed in about an hour and a quarter instead of under a minute.”

“Each character you add to the passphrase multiplies the total number of possible passphrases by 95, so a 10-character passphrase has 95 raised to the tenth power. That’s 95 × 95 × 95 × 95 × 95 × 95 × 95 × 95 × 95 × 95, about 60,000,000,000,000,000,000 different combinations. That’s 60 billion billion.”

“If you used a lower-case-only passphrase, you’d have far fewer possible combinations: it would be 26 (number of lowercase letters) raised to the tenth power: 26^10. That comes to about 147,000,000,000,000, or about 147,000 billion, a tiny fraction (about 1/400,000th) of the possibilities when you use upper- and lowercase letters, numerals and symbols.”

“So, 10-character passphrases should be safe, then, no?” Bob asks.

“Oh, goodness no,” replies Sam. “Well, not necessarily, anyway. It depends on who wants to crack your password, and how many computers they have at their disposal, as well as whether your password is ‘easy’ to guess (by that, I mean, using ‘123456password’, or any passphrase that might be on a list of easy-to-guess passphrases). Let’s say your passphrase is reasonably random-seeming. With a 10-character lower-case-only passphrase, it takes (on average) about 70,000 billion trials to discover the passphrase. If one computer can try 1,000 passphrases per second (a reasonable supposition), it would take that computer about 70 billion seconds, or a couple of thousand years.”

“Is that good for my passphrase?” asks Bob.

“Not really. If it takes one computer two or three thousand years, you can crack the passphrase in two or three years with 1,000 computers. That drops to a week or so with 10,000 computers--a couple of hours with a million computers. If one computer costs $100--that cheap, because you’re buying in bulk, plus you don’t need individual disk drives, video display cards, and so on--that means you can crack almost any 10-character (lower-case-only) passphrase in an hour or two, for just $100 million,” says Sam.

“That seems like a lot of money, so I shouldn’t worry too much, right?” asks Bob, but Sam says, “We’re talking about multinational corporations and government agencies--with those guys, $100 million is a rounding error, it’s petty cash. The Pentagon spends about that much on one F-35 fighter jet.”

“It could still take years to brute force a strong 10-character passphrase (with upper- and lowercase letters, numerals, and symbols), but the people who write password cracking software rely on users picking passphrases with some pattern in them, like names followed by numbers, so they focus attacks on likely combinations rather than simply trying every passphrase from ‘A’ to ‘zzzzzzzzzz’.”

“If you use a 12-character passphrase without patterns, you should be safe--from brute-force passphrase cracking. You still have to defend against keylogging and network monitoring and spoofing and social engineering[2] and rubber-hose cryptanalysis[3] and all the other strategies for defeating your passphrase.” Sam pauses, but starts quickly before Bob can ask his next question:

“That’s not all, Bob. Remembering 12 random-seeming characters is difficult, and with GnuPG, if you forget your public key passphrase, you’ve lost the ability to use that passphrase completely. No passphrase recovery (other than trying to use passphrase cracking software yourself).

So, most users wind up writing their passphrases down, or even using passphrase keeper software[4]. In many cases, cracking passphrases is as easy as looking for yellow-stickies on, around, or under the computer itself.”

“Is there nothing to be done?” Bob asks. “Why use passphrases at all then?”

[2] Social engineering: use of interpersonal interactions to convince a person to reveal a passphrase or take some action against their own interest.

[3] Rubber-hose cryptanalysis: use of torture or coercion to recover a passphrase.

[4] Bruce Schneier’s Password Safe (http://pwsafe.org/) works on Windows; numerous related projects support other platforms (http://pwsafe.org/relatedprojects.shtml).


“You can use a passphrase ‘safe’, but you’ve got to have a very strong passphrase to access the safe, and even then, just having it could be an invitation to enhanced interrogation.” Sam continues: “A more secure option is to use a sentence or verse or phrase that you can easily remember (but hard to guess), and build a passphrase from the first letter (or two or three) of each word, using punctuation and numerals where appropriate[5]. For example: ‘Mary had a little lamb, its fleece was white as snow. And everywhere that Mary went, that lamb was sure to go.’ can be turned into a passphrase like this:”

Mhall,ifwwas.AetMw,tlws2g.

“Notice how I used punctuation and the numeral 2 (instead of the ‘t’ from the word ‘to’); both make the passphrase harder to guess. That’s a 26-character passphrase, but easy to remember. I wouldn’t use that one because it’s obvious, but you could use some other phrase or verse that you’re likely to know and remember but that an attacker would not know about. According to some experts, passphrases have outlived their usefulness, and should be supplemented with a second form of authentication[6]. For now, a good passphrase is fine, just keep it safe.”
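Sam’s construction rule (first letter or letters of each word, the sentence’s own punctuation kept, a numeral swapped in for a sound-alike word) is mechanical enough to write down as code, which also makes it easy to check the result against the length and character-class targets from earlier in the conversation. The following is an added example, not code from the book. The sound-alike table is an assumption of this example; it contains the one substitution the text uses (‘to’ → 2) plus a few more in the same spirit, and the sample sentence is the chapter’s verse.

```python
# Added example, not code from the book: derive a passphrase from the first
# letter(s) of each word of a memorable sentence, keeping the sentence's own
# punctuation and substituting a numeral for a few sound-alike words, which
# is the construction Sam describes. The substitution table is an assumption
# of this example, chosen so the chapter's own passphrase comes out of it.
import re

# Assumed sound-alike substitutions ("to" -> "2" is the one the text uses).
NUMERAL_WORDS = {"to": "2", "too": "2", "two": "2", "for": "4", "four": "4",
                 "one": "1", "won": "1", "ate": "8", "eight": "8"}

# A word is a run of letters (apostrophes allowed); any other run of
# non-whitespace characters is punctuation and is kept verbatim.
TOKEN = re.compile(r"([A-Za-z']+)|([^A-Za-z'\s]+)")


def mnemonic_passphrase(sentence: str, letters_per_word: int = 1,
                        numerals: dict[str, str] = NUMERAL_WORDS) -> str:
    """First `letters_per_word` letters of each word, punctuation preserved,
    words listed in `numerals` replaced by their numeral."""
    parts = []
    for word, punct in TOKEN.findall(sentence):
        if word:
            key = word.strip("'").lower()
            parts.append(numerals.get(key, word[:letters_per_word]))
        else:
            parts.append(punct)
    return "".join(parts)


def character_classes(passphrase: str) -> set[str]:
    """Which of the four classes (upper, lower, digit, symbol) appear."""
    classes = set()
    for ch in passphrase:
        if ch.isupper():
            classes.add("upper")
        elif ch.islower():
            classes.add("lower")
        elif ch.isdigit():
            classes.add("digit")
        elif not ch.isspace():
            classes.add("symbol")
    return classes


def meets_minimum(passphrase: str, min_length: int = 12) -> bool:
    """The text's floor: at least 12 characters, and, since the point of the
    95-symbol alphabet is its size, all four character classes present."""
    return (len(passphrase) >= min_length
            and len(character_classes(passphrase)) == 4)


# Constructed sample: the verse the chapter uses (famous, which is exactly
# why Sam says not to use this particular one for real).
SAMPLE = ("Mary had a little lamb, its fleece was white as snow. "
          "And everywhere that Mary went, that lamb was sure to go.")

if __name__ == "__main__":
    p = mnemonic_passphrase(SAMPLE)
    print(p, len(p), sorted(character_classes(p)), meets_minimum(p))
    print(mnemonic_passphrase(SAMPLE, letters_per_word=2))
```

With one letter per word the sample yields exactly the 26-character passphrase printed above, and `meets_minimum` confirms all four classes are present. Taking two letters per word nearly doubles the length at no cost to memorability, but the check is only a floor: a sentence an attacker can find in a quotation database, song lyric site or the user’s own social media is weak regardless of what this function reports, which is the point Sam makes about the nursery rhyme.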

Bob ponders a bit, and then asks, “You also mentioned RAM and caches; how do they expose my passphrases or plaintexts? Explain, please.”

8.3 DANGERS OF RAM CACHE AND OTHER SYSTEM
