undefined | Better HN

0 pointsspacebanana71y ago0 comments

> By "target system" you mean "system from which the password originated", right?

Yeah that’s correct.

> The phrase "stored on Earth" is a red herring. You don't need to store all possible passwords for those passwords to be possible to generate here.

A password used to protect a system must be persistently stored inside that system.

The number of passwords that can be generated on earth is greater than the number that can be persistently stored on earth.

For example, an iPhone must locally store a user’s unlock PIN code. However, it could theoretically generate a 20TB password for an external site in chunks without ever storing the full password locally.

Energy is a binding for password generation; but size is a constraint for password storage, which likely kicks in a lot earlier.

0 comments

andrewflnr1y ago

The password being persistently stored is not really a requirement here. That depends on the cryptosystem involved, among other things. What if I encrypt a ciphertext and throw away/forget the key?

Anyway, the constraint you're proposing here is, only passwords that can be encoded in all possible configurations of matter making up the earth? And you do have to contend with all possible configurations, if all you know is the size of the system, or even the mass and composition. As tedunangst put it, that's a lot of bits. I think we'll hit the 300-400 bit computational limit first.

yjftsjthsd-h1y ago

> A password used to protect a system must be persistently stored inside that system.

No it isn't; any system which is even remotely decent will only store the (usually salted) hash of passwords used on it.

andreareina1y ago

You're still essentially bound by having to consider all the passwords that could be generated. Let's say that passwords are limited to 2048 bits, but you can only store 2^128 passwords. The problem is that you don't know which 2^2048 passwords have been stored, so you have to go through them all anyway.

j / k navigate · click thread line to collapse