[clug] Passwords [SEC=UNCLASSIFIED]

Sam Couter sam at couter.id.au
Mon Aug 27 06:37:19 MDT 2012

Ellis, Peter MR <peter.ellis at defence.gov.au> wrote:
> Okay, let's get semi-technical military.
> A. The military sometimes uses a "one-time pad" system for simple operational security (OPSEC), involving a "covered vector" (COVEC). 

Interesting that you mentioned this.

No good for passwords, but a securely generated and transmitted one-time
pad is considered the only form of encryption that's invulnerable to

So, now we only have to solve the problem of securely generating and
transmitting the one-time pad. Easy, right?

> B. The other one I'll discuss: safe grids. Safes have numbers to open them, but people typically 'invent' a word or phrase then convert this to the numbers. A grid might look like this, or be 'slewed' (started down) by several lines.
> 1 ABC wx
> 2 DEF yz
> 3 GHI abc
> 4 JKL def
> 5 MN  ghi
> 6 OP  jk
> 7 QRS lmn
> 8 TU  opq
> 9 VW  rst
> 0 XYZ uv
> e.g. 
> CAPTURE = 1168872
> capture = 3389094
> CaptUre = 1389894

This is vulnerable to very primitive cryptanalysis. It's okay for kids
passing notes in class but no good for anything more serious.
Sam Couter         |  mailto:sam at couter.id.au
OpenPGP fingerprint:  A46B 9BB5 3148 7BEA 1F05  5BD5 8530 03AE DE89 C75C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/linux/attachments/20120827/19a51230/attachment-0001.pgp>

More information about the linux mailing list