I just filed a bug report against Debian before seeing your message. Will link to it whenever it appears.
1 Like
Found this post on Argon2 entropy calculation but I’m not able to wrap my head around it. I reached out to the author on Twitter who was one of the PHC organizers and can help us understand it. Would be very helpful when advising users to tweak their settings and the different trade-offs of memory size vs iterations.
https://www.reddit.com/r/crypto/comments/85jdsf/choosing_argon2_parameters_for_keepass/dw2d2t3/
1 Like
1 Like
Completed to perfection at last. Nobody makes an edit before consulting me please.
2 Likes
The edits are very, very nice.
(Edit: Re-read the page and saw the reference to physical dice & EFF list is still there - great.)
PS Why don’t we add you as maintainer of that page?
PPS Your math skills are showing (again) 
2 Likes
Thanks 
I went ahead and did that.
1 Like
Did we intent to install diceware by default or should we? Any other packages related to this thread while we are at it?
does it seems necessary more than keepassxc?
i think waiting for keepassxc for buster is better (or you can add it from backend repo similar to Tails).
or you mean diceware for terminal use? (though it contains some high issues in debian package, maybe it will be fixed in next releases)
Could try these instructions. They are incomplete and might be a little to complicated for some user though.
1 Like
I think we should encourage high risk users to default to physical creation of diceware passwords where possible (is already noted in wiki), and generally avoid software solutions, since it is inevitably flawed with ongoing and never-ending bugs, some of which will be shown to affect the security of “random” passwords generated by the said software in the future…
I mean, if heavily scrutinized software like APT can’t get their shit right with http download confirmation/verification without a semi-trailer wide hole existing for many, many years, then the likelihood of the diceware package being solid as a rock is to be frank, minimal.
Realistically no one is going to use the physical way because it is more complex and it will only serve to clutter up the page and drive users away when they see a massive wall of text. To the paranoid they can just follow the link and do their thing.
Also this is fatalist logic. If “all” software is fatally flawed then even a safe password is no good for anything since the programs you will use it for can be bypassed. I disagree with this position because some things work better than others and have proved themselves in the field.
Source?
The complexity of diceware is probably orders of magnitude less than apt. It also depends on well vetted components like the Linux PRNG.
OK, you caught me in a fatalistic moment.
Although I disagree on a minor point i.e. superiority of physical measures for the most hard core.
As another example, if I wrap my One Time Pad message (which of course I created using - again - physical measures like dice at home, no software involved for the IN / OUT pads), inside encrypted email, then any interloper inside my system can learn SFA, even if they have backdoored every software and physical component of my home system.
That is, they would see indecipherable encrypted text get entered into Thunderbird in real time… well good for them (totally impractical I know for real life purposes, but just saying) 
Well if you’re willing to go that far… why not also leave the note in a dead drop for your contact and burn it afterwards?
Computers can identify you and they can assign someone to follow you or break into your premises and steal your physically generated OTP.
True re: dead drop.
But I don’t think OTP is that far. I’ve tried it with generation of own pads, doesn’t take that long. If one meets their friends / colleagues on occasion and wants to really take their rights back, it is good to know I can have it using old techniques.
(Off topic) Philosophically, the modern propaganda insists we are powerless in the face of 3 letter agencies. That is false. More people need to realize it, when their communications are particularly super-private (rarely needed, but happens from time to time).
Further, since adversaries think they are omnipotent (wrong again), they will focus more effort and resources in cyber attacks over time. The corollary is less and less spent on physical interdictions and so on; increasing the success ratio of hybrid techniques in the process.
It’s just another technique to take advantage of their blindspot, resulting from their own delusions.
Anyway, I better not hijack this thread further.
1 Like
There is some interesting edits in the Passwords page, but IMO it would be better off in a ‘Technical Notes’ section or similar towards the bottom. Right now it overly complicates what should be a basic intro to principles of passwords that can’t be cracked easily.
Normal Whonix users are not mathematicians, so they don’t care for (nor will read, nor generally understand) all the points being made there. I think the tone of general forum help requests backs that point up.
1 Like
Rejected. Too verbose and complicates what is mean to be a simple straightforward description and page. Also omitted some important references. In my PoV that page is pretty much complete and there isn’t much to really add or subtract from it.
1 Like
More interestingly I want to know what the F is minentropy and what does it mean for password strength:
The wiki description is just as useless and complex as the paper on this.
1 Like
Deleted some posts due to legal reasons.
1 Like
All related wiki edits were removed due to potential copyright/licensing issues.
1 Like