[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Noob dumb question (extending emacs)

From: Jean Louis
Subject: Re: Noob dumb question (extending emacs)
Date: Mon, 25 Oct 2021 15:41:55 +0300
User-agent: Mutt/2.0.7+183 (3d24855) (2021-05-28)

* Yuri Khan <> [2021-10-25 12:42]:
> On Mon, 25 Oct 2021 at 12:55, Jean Louis <> wrote:
> > In science, if there is "security implication" then it has to be
> > proven. That is why breaking crypto requires a proof which is usually
> > program or exploit that breaks it, not just a theoretical statement.
> In crypto science, an algorithm is considered compromised, for
> example, if it was previously thought to require a brute force search
> of 2^128 to break, and later shown to be breakable in 2^64 attempts.
> A 20-letter password contains about 120 bits of information. A user
> who requests generation of such a password reasonably expects that the
> attacker would have to bruteforce 2^120 possibilities. However, your
> generation algorithm uses only 48 bits of entropy, so the attacker
> only has to search through 2^48 possible seeds, and maybe 2^5
> different generated password lengths, and breaks the password in 2^53
> attempts, or 2^67 ≈ 1.5*10^20 times faster than expected.

That is why I said, if it is "so the attacker only has to search
through 2^48 possible seeds" then please demonstrate it, search it and
prove what would be the next char in this password. I think 50 chars
will give you enough playground to find the seeds.

(rcd-password 50) ⇒ "YQAguCWdKEiR%OiEyjuKHcttCvyVOEt}pwG5HJoUirOdA6RBOa"

Once you find first seed, let me know, that I can pay the pizza for
you Yuri.


Take action in Free Software Foundation campaigns:

In support of Richard M. Stallman

reply via email to

[Prev in Thread] Current Thread [Next in Thread]