From 3774957dc595bee6ffddf5be7c060dd0dd86d239 Mon Sep 17 00:00:00 2001 From: sommermorgentraum <24917424+zxkmm@users.noreply.github.com> Date: Sat, 9 Nov 2024 18:27:16 +0800 Subject: [PATCH] Updated Random password (markdown) --- Random-password.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Random-password.md b/Random-password.md index 340ece6..191919e 100644 --- a/Random-password.md +++ b/Random-password.md @@ -2,11 +2,16 @@ This app use AFSK demodulated data as random seeds for each char, use LCG + one In theory if the quality of seeds (which is from mostly radio noise) is good enough, then the password randomization would be good enough. But usually they are not, or we don’t know, or they do but not stable. So even if this is more secure than many other PRNG generators, in the best case it even can be considered as TRNG generators, don’t use this at high security scenes, for example money-related things. -All the “send” button/checkbox in this app means send via serial asynchrony messages, check serial page in this wiki for more details. +All the “send” button/checkbox in this app means send via serial async messages, check serial page in this wiki for more details. Flood mode is from streaming generated code, this will always streaming into serial, alternatively you can check the savin checkbox to save generated codes and seeds. Keep in mind that with seeds, you can generated same code with proper PRNG, so they are same level of security, don’t leak them. # Each shuffle algo and what it can bring you + +There are two dimensions of password safety: +- Entropy: When you generate mass of password, it should split evenly in the possible space, that controls password quality. In this app, the only entropy provider is the demodulated AFSK data. the LCG/ sha-512/ shuffle algo won't bring more entropy. +- Randomness: It controls how many total possibilities can be generated. In this app, the only randomness provider is the "each digits using different seed in the buffer" algorithm, which spread the total possible combination into the max value of possibility: (CHARNUMBER)^{DIGITS}. + | Algo / Source | Bring Entropy ? | Bring Randomization ? | Bring difficult to reverse calculation ? | Made it harder to Brute-Force ? | Time Complexity and Space Complexity | | -------------------------------------------------------------------------- | ----------------- | ----------------------- | ------------------------------------------ | --------------------------------- | ----------------------------------------- | | Use time as seeds to pick a random frequency with LCG to fetch AFSK data | 🚫 | ✅ | 🚫 | 🚫 | O(1) - O(1) |