/

Diceware- A New Way To Secure Your Information

547prg

Securing of passwords has always been a difficult and challenging problem for common people. The passwords that people can easily remember and even easier to crack. With the increase in the numbers of hacking tools used for phishing, brute force, etc., it was important to come up with a idea to secure the private and important information without remembering hard combinations. To the rescue came the DICEWARE. But before knowing about the Diceware, its important to know about passphrases.

 

What Are Passphrases?

Passphrases was invented by Sigmund N. Porter in 1982, passphrase are a bunch of combination of words and characters that we type in our system to let it know that the user using the system is the owner or you. It is used by almost every security systems now-a days like in WI-Fi such as W PA and WPA2. They are usually long 20-40 words in length but are easy to remember and hard to guess even by someone who knows you well.

Here is a image with a passphrase:

img03-eng

After the knowledge of passphrase the next important thing to know is.

What is Diceware?

Diceware is a method to create strong and really hard to break but easy to remember passphrases using a simple dice as a hardware random number generator. It is very simple and can create a passphrases easily. In this method we use simple dice to select words at random from a special list known as the Diceware word list. All words are in between one to six and each combination is give a separate word or abbreviation that can be easy remembered. The complete list contains about 7776 words with an average length of character being about 4.2. These list are available in different languages. the Diceware word list in PDF format can be downloaded from here.

Here is a short excerpt from the Diceware word list:

16655 clause

16656 claw

16661 clay

16662 clean

16663 clear

16664 cleat

16665 cleft

16666 clerk

21111 cliche

 

How Does Diceware Work?

To use Diceware you will be needing one dice and the complete Diceware list. Now decide how many words you want in your passphrase (lets go for five). Now roll the dice and write down the results on a slip of paper. Write the numbers in groups of five. Make as many of these five-digit groups as you want words in your passphrase. You can roll one die five times or roll five dice once. After its done find the five digit number in the Diceware list and the word next to it. For example, 13111 means “avoid”. Now find words for each group of five numbers and your passphrase is ready.

Example

Suppose if you want a six word passphrase. You will need 6 times 5 or 30 dice rolls. Let’s say they come out as:

 1, 3, 1, 1, 1, 1, 3, 1, 1, 4, 1, 3, 2, 4, 1, 3, 5, 6, 
 1, 6, 6, 5, 2, 2, 4, 6, 4, 3, 2, and 6.

Write down the results on a scrap of paper in groups of five rolls:

 1 3 1 1 1 
 1 3 1 1 4 
 5 1 3 2 4 
 3 5 6 1 6
 6 5 2 2 4 
 6 4 3 2 6

You then look up each group of five rolls in the Diceware word list by finding the number in the list and writing down the word next to the number:

 1 6 6 6 5 avoid
 1 5 6 5 3 aw
 5 6 3 2 2 bald
 3 5 6 1 6 lacy
 6 5 2 2 4 yr
 6 4 3 2 6 wok

Your passphrase would then be:

avoid aw bald lacy yr wok Try it yourself and make an unbreakable passphrases. diceware-password3 For any other information click here

  • lopsi

    This method is pretty old and seems quite easy to bruteforce

    • well this method is not old for one thing and for cracking a password of 8 alphanumeric it takes about 25 GPU’s around 6 hours and this method is used for passphrases that are at-least 20-40 character long so think about the time and resources needed to crack a 20-40 character passphrase which is totally random. Moreover if someone does lets say to have the resource to try it don’t you think he is gonna try it on someone very important and that someone who is that important do tend to change their passphrases every 15 days.