Skip to content

October 24, 2021

Compare
Choose a tag to compare
@atoponce atoponce released this 02 Nov 22:48
· 154 commits to master since this release

The is a small release:

  • Change switch/case statements to if/else, and be more consistent with syntax.
  • Fix base32 entropy calculation bug.
  • Add two new pseudoword generators: Daefen encoding by @alexvandesande and Urbit

A quick note about the pseudoword generators:

Daefen

Daefen is another binary-to-text encoding system. I have deployed a number of different binary-to-text encoding algorithms as a password generator, even if that's not explicitly what they're designed for. Some proved some benefits which can be extended into the password space, and Daefen is one of these.

Daefen encodes any number into a base-3456 pronounceable string. By using the vowel character set of "aeiouy" and the consonant character set of "bcdfghjklmnprstvwz", there are:

  • 108 "vowel + consonant" pairs
  • 108 "consonant + vowel" pairs
  • 648 "consonant + vowel + vowel" triplets
  • 648 "vowel + consonant + vowel" triplets
  • 1,944 "consonant + vowel + consonant" triplets

There is deterministic logic to break these up into "words" which can result in different word lengths in the generated pseudoword from generation to generation. The first character in each "word" is capitalized.

Exempli gratia:

  • Uriyju-Kaodyh-Ko-Kui
  • Sekado-Itabih-Sujsuv
  • His-Orpeb-Ukevef-Duu
  • Jou-Se-Sezryp-Wobke

There is log2(3456) ~= 11.75 bits of security per "word" syllable. This is the densest pseudoword generator in the project producing the shortest passwords.

Urbit

The Urbit naming system uses 256 prefixes and 256 suffixes using "consonant + vowel + consonant" for each syllable. The vowels for the prefixes are strictly "a", "i", and "o". The vowels for the suffixes are strictly "e", "u", and "y" with one exception for "doz". Each "word" thus has 2 syllables providing log2(256) + log2(256) = 16 bits of security. This is on par with the Bubble Babble and Proquints generators.

Note: to remain in theme with the Urbit naming system, each pseudoword starts with the tilde "~". This extra character does not provide any additional security.

Exempli gratia:

  • ~davfep-nampur-ronren-ripsyl-noprym
  • ~bintep-doslus-hactyr-tamfur-sopleb
  • ~witmug-tamtuc-lintex-tanlex-dapryd
  • ~fabmun-dismeb-randus-nilred-milpec