mirror of
https://github.com/portapack-mayhem/mayhem-firmware.git
synced 2024-11-27 12:05:34 +00:00
Updated Random password (markdown)
parent
eb7bff2e36
commit
3774957dc5
@ -2,11 +2,16 @@ This app use AFSK demodulated data as random seeds for each char, use LCG + one
|
|||||||
|
|
||||||
In theory if the quality of seeds (which is from mostly radio noise) is good enough, then the password randomization would be good enough. But usually they are not, or we don’t know, or they do but not stable. So even if this is more secure than many other PRNG generators, in the best case it even can be considered as TRNG generators, don’t use this at high security scenes, for example money-related things.
|
In theory if the quality of seeds (which is from mostly radio noise) is good enough, then the password randomization would be good enough. But usually they are not, or we don’t know, or they do but not stable. So even if this is more secure than many other PRNG generators, in the best case it even can be considered as TRNG generators, don’t use this at high security scenes, for example money-related things.
|
||||||
|
|
||||||
All the “send” button/checkbox in this app means send via serial asynchrony messages, check serial page in this wiki for more details.
|
All the “send” button/checkbox in this app means send via serial async messages, check serial page in this wiki for more details.
|
||||||
|
|
||||||
Flood mode is from streaming generated code, this will always streaming into serial, alternatively you can check the savin checkbox to save generated codes and seeds. Keep in mind that with seeds, you can generated same code with proper PRNG, so they are same level of security, don’t leak them.
|
Flood mode is from streaming generated code, this will always streaming into serial, alternatively you can check the savin checkbox to save generated codes and seeds. Keep in mind that with seeds, you can generated same code with proper PRNG, so they are same level of security, don’t leak them.
|
||||||
|
|
||||||
# Each shuffle algo and what it can bring you
|
# Each shuffle algo and what it can bring you
|
||||||
|
|
||||||
|
There are two dimensions of password safety:
|
||||||
|
- Entropy: When you generate mass of password, it should split evenly in the possible space, that controls password quality. In this app, the only entropy provider is the demodulated AFSK data. the LCG/ sha-512/ shuffle algo won't bring more entropy.
|
||||||
|
- Randomness: It controls how many total possibilities can be generated. In this app, the only randomness provider is the "each digits using different seed in the buffer" algorithm, which spread the total possible combination into the max value of possibility: (CHARNUMBER)^{DIGITS}.
|
||||||
|
|
||||||
| Algo / Source | Bring Entropy ? | Bring Randomization ? | Bring difficult to reverse calculation ? | Made it harder to Brute-Force ? | Time Complexity and Space Complexity |
|
| Algo / Source | Bring Entropy ? | Bring Randomization ? | Bring difficult to reverse calculation ? | Made it harder to Brute-Force ? | Time Complexity and Space Complexity |
|
||||||
| -------------------------------------------------------------------------- | ----------------- | ----------------------- | ------------------------------------------ | --------------------------------- | ----------------------------------------- |
|
| -------------------------------------------------------------------------- | ----------------- | ----------------------- | ------------------------------------------ | --------------------------------- | ----------------------------------------- |
|
||||||
| Use time as seeds to pick a random frequency with LCG to fetch AFSK data | 🚫 | ✅ | 🚫 | 🚫 | O(1) - O(1) |
|
| Use time as seeds to pick a random frequency with LCG to fetch AFSK data | 🚫 | ✅ | 🚫 | 🚫 | O(1) - O(1) |
|
||||||
|
Loading…
Reference in New Issue
Block a user