From: Jean Louis <bugs@gnu.support>
To: Yuri Khan <yuri.v.khan@gmail.com>
Cc: help-gnu-emacs <help-gnu-emacs@gnu.org>
Subject: About randomity, entropy, random passwords - was Re: Noob dumb question (extending emacs)
Date: Mon, 25 Oct 2021 23:29:43 +0300 [thread overview]
Message-ID: <YXcTt2EVcq1QDy7+@protected.localdomain> (raw)
In-Reply-To: <CAP_d_8WWJOa-ApaNfUm5BeOCN-fC7=eiZb+VM6VYHMoR9eb6dQ@mail.gmail.com>
* Yuri Khan <yuri.v.khan@gmail.com> [2021-10-25 23:12]:
> On Tue, 26 Oct 2021 at 02:25, Jean Louis <bugs@gnu.support> wrote:
>
> > Yuri and Michael H., you are very right, too simple password
> > generation without enough entropy produces duplicate passwords.
>
> What tipped you to this conclusion?
I did the `dotimes' and found same passwords without goods seed. Then
I have improved the seed.
> Still wrong!
You still cannot guess the next password coming... with or without
good seed. But your tips did make it more random on my side. ;-p
> > (defun rcd-read-urandom (&optional length)
> > "I am also free to modify the Emacs Lisp unlimited times."
> > (shell-command-to-string "head -n 1 /dev/urandom"))
>
> Here you read the first newline-delimited line of /dev/urandom, which
> may be a lot. If you have to use ‘head’, use it with -c and give a
> byte count.
That one I forgot the same time I wrote it, it was just thinking. I
don't like external commands.
> > (defun rcd-password-generate-1 (string)
> > "Return capitalized or downcased single symbol from a string"
> > (random (format "%s" (rcd-read-urandom)))
>
> Here you seed the Emacs random generator with the entropy. However,
> the Emacs random generator can only use 48 bits of entropy in the best
> case, so it grabs exactly that and drops the remainder on the floor.
It may be, I dropped that one.
> > (let* ((max (length string))
> > (rnd (random max))
> > (single (substring string rnd (+ rnd 1))))
> > single))
>
> Then you proceed to generate a random password using the seeded
> pseudo-random generator. Which is a step up from an unseeded
> pseudo-random generator (you could generate a series of passwords from
> a single seed, making it easier for the attacker who knows one to
> guess others) but still not as random as you would get by just
> converting raw entropy into printable characters.
I'll stick to random Emacs uptime concatenated to microseconds,
nanoseconds and milliseconds.
--
Jean
Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns
In support of Richard M. Stallman
https://stallmansupport.org/
next prev parent reply other threads:[~2021-10-25 20:29 UTC|newest]
Thread overview: 127+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-19 22:12 Noob dumb question (extending emacs) Ivano Da Milano
2021-10-20 0:36 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-20 6:34 ` Marcin Borkowski
2021-10-20 18:13 ` H. Dieter Wilhelm
2021-10-20 6:53 ` Jean Louis
2021-10-20 8:23 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-20 17:10 ` Ivano Da Milano
2021-10-20 18:41 ` Tassilo Horn
2021-10-20 18:56 ` Ken Goldman
2021-10-20 19:01 ` Ivano Da Milano
2021-10-20 19:45 ` Jean Louis
2021-10-21 5:27 ` Ivano Da Milano
2021-10-21 7:40 ` H. Dieter Wilhelm
2021-10-21 15:46 ` Ivano Da Milano
2021-10-21 16:03 ` H. Dieter Wilhelm
2021-10-21 17:49 ` Ivano Da Milano
2021-10-21 18:51 ` Jean Louis
2021-10-21 20:02 ` H. Dieter Wilhelm
2021-10-21 22:58 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-22 6:59 ` H. Dieter Wilhelm
2021-10-22 12:18 ` Jean Louis
2021-10-22 12:56 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-22 13:14 ` Yuri Khan
2021-10-22 17:51 ` Jean Louis
2021-10-22 18:50 ` Yuri Khan
2021-10-22 19:29 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-22 21:22 ` Jean Louis
2021-10-23 18:08 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-24 7:10 ` Jean Louis
2021-10-24 9:35 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-24 17:41 ` Jean Louis
2021-10-24 18:20 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-25 5:47 ` Jean Louis
2021-10-25 9:40 ` Yuri Khan
2021-10-25 10:23 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-25 12:41 ` Jean Louis
2021-10-25 19:22 ` Jean Louis
2021-10-25 19:46 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-25 19:52 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-25 19:56 ` About randomity, entropy, random passwords - was " Jean Louis
2021-10-25 20:29 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-25 20:00 ` Jean Louis
2021-10-25 19:56 ` Yuri Khan
2021-10-25 20:24 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-25 20:34 ` Jean Louis
2021-10-25 20:29 ` Jean Louis [this message]
2021-10-28 20:39 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-23 8:41 ` Michael Heerdegen
2021-10-23 10:16 ` Yuri Khan
2021-10-23 10:46 ` Michael Heerdegen
2021-10-23 18:27 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-24 8:16 ` Michael Heerdegen
2021-10-28 2:24 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-28 11:41 ` Michael Heerdegen
2021-10-28 12:07 ` tomas
2021-10-28 20:56 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-28 22:54 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-31 20:46 ` Michael Heerdegen
2021-11-01 2:09 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-11-01 19:38 ` Michael Heerdegen
2021-11-03 1:06 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-11-03 21:24 ` Michael Heerdegen
2021-11-03 22:16 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-11-05 19:03 ` Jean Louis
2021-11-05 21:50 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-31 20:42 ` Michael Heerdegen
2021-11-05 18:59 ` Jean Louis
2021-10-23 12:54 ` Michael Heerdegen
2021-10-23 13:07 ` Yuri Khan
2021-10-23 18:41 ` ERC links to man pages (was: Re: Noob dumb question (extending emacs)) Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-24 7:08 ` Noob dumb question (extending emacs) Jean Louis
2021-10-24 8:57 ` Michael Heerdegen
2021-10-24 17:59 ` Jean Louis
2021-10-25 9:18 ` Michael Heerdegen
2021-10-25 9:33 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-25 19:44 ` Jean Louis
2021-10-25 20:20 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-25 20:33 ` Jean Louis
2021-10-25 12:45 ` Jean Louis
2021-10-25 13:20 ` Michael Heerdegen
2021-10-25 19:54 ` About randomity, entropy, random passwords - was " Jean Louis
[not found] ` <YXcLIC+doASdNFll@protected.localdomain>
[not found] ` <87cznryfnz.fsf@web.de>
2021-10-26 18:52 ` Jean Louis
2021-10-23 18:22 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-23 19:52 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-24 6:43 ` Jean Louis
2021-10-24 8:28 ` Michael Heerdegen
2021-10-24 18:03 ` Jean Louis
2021-10-24 9:31 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-24 18:09 ` Jean Louis
2021-10-24 18:30 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-25 5:31 ` Jean Louis
2021-10-28 2:33 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-11-05 19:09 ` Passwords -- " Jean Louis
2021-11-05 22:00 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-23 18:17 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-24 8:42 ` Michael Heerdegen
2021-10-22 18:55 ` Yuri Khan
2021-10-22 19:30 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-22 21:31 ` Jean Louis
2021-10-22 22:21 ` H. Dieter Wilhelm
2021-10-23 10:46 ` Yuri Khan
2021-10-23 18:13 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-24 7:48 ` Yuri Khan
2021-10-24 9:37 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-24 6:45 ` Jean Louis
2021-10-24 8:50 ` Michael Heerdegen
2021-10-24 17:20 ` Jean Louis
2021-10-24 18:17 ` Yuri Khan
2021-10-24 19:07 ` Jean Louis
2021-10-24 19:05 ` Jean Louis
2021-10-25 0:12 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-25 3:54 ` Jean Louis
2021-10-22 18:57 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-22 18:53 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-22 17:48 ` Jean Louis
2021-10-22 19:26 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-21 19:45 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-20 4:04 ` Ivano Da Milano
2021-10-20 5:46 ` H. Dieter Wilhelm
2021-10-20 5:58 ` Emanuel Berg via Users list for the GNU Emacs text editor
[not found] ` <CAPWV0kyjr0=FrkVkH+Wf573fddX3pM4iiEfkQJ6oe1J_pQuNPA@mail.gmail.com>
[not found] ` <86a6j3wo7y.fsf@duenenhof-wilhelm.de>
[not found] ` <CAPWV0kyogB+u0X4dUhpyEox6pih1MJkjE2e_OoqQoP81NZceHQ@mail.gmail.com>
2021-10-20 18:31 ` Fwd: " Ivano Da Milano
2021-10-20 6:50 ` Jean Louis
2021-10-20 8:20 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-20 14:13 ` Jean Louis
2021-10-21 19:56 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-10-23 10:51 ` Tassilo Horn
2021-10-23 18:36 ` Emanuel Berg via Users list for the GNU Emacs text editor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YXcTt2EVcq1QDy7+@protected.localdomain \
--to=bugs@gnu.support \
--cc=help-gnu-emacs@gnu.org \
--cc=yuri.v.khan@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).