Search found 145 matches

by ddrown
Sat Dec 09, 2017 10:57 pm
Forum: General discussion
Topic: Password storage on a BluePill
Replies: 35
Views: 547

Re: Password storage on a BluePill

I put together a stm32duino example of the wordlist: https://github.com/ddrown/wordlist Full example with display uses 33KB of flash, so that's not much room for encryption or other things. I can probably cut a bunch of un-needed stuff out of the graphics libraries though. I was thinking maybe it wo...
by ddrown
Wed Dec 06, 2017 3:50 am
Forum: General discussion
Topic: Password storage on a BluePill
Replies: 35
Views: 547

Re: Password storage on a BluePill

Or perhaps add more words Probably allocating 8k or at most 16k for the password storage should be enough, Anyone who has loads of very long passwords, probably needs to use something else ;-) Ok, I put in a larger wordlist on the web page - from 1,194 to 2,741 words. The object file for this wordl...
by ddrown
Wed Dec 06, 2017 3:46 am
Forum: General discussion
Topic: Password storage on a BluePill
Replies: 35
Views: 547

Re: Password storage on a BluePill

Part of computer security is estimating how much money an attacker has to spend to gain access. If the attack takes less than $0.01 per target (such as: injecting malware via browser exploit through an ad network, scanning for devices with default username/passwords open to the internet, etc) you ca...
by ddrown
Wed Dec 06, 2017 2:46 am
Forum: General discussion
Topic: Password storage on a BluePill
Replies: 35
Views: 547

Re: Password storage on a BluePill

Its a cool interface, but I found I could not enter the passphrase I wanted I thought I'd try the old joke Time flies like an arrow; fruit flies like a banana https://en.wikipedia.org/wiki/Time_flies_like_an_arrow;_fruit_flies_like_a_banana And I couldn't enter it as it didn't have fruit or arrow I...
by ddrown
Wed Dec 06, 2017 1:56 am
Forum: General discussion
Topic: Password storage on a BluePill
Replies: 35
Views: 547

Re: Password storage on a BluePill

I reduced my word list to smaller words and now it's 1194 words and 3831 bytes compressed. I wanted to see how long it would take to enter these words into a simple interface, so I created a javascript prototype version: https://dan.drown.org/misc/password-entry.html It only works with a keyboard, s...
by ddrown
Mon Dec 04, 2017 3:48 am
Forum: General discussion
Topic: Password storage on a BluePill
Replies: 35
Views: 547

Re: Password storage on a BluePill

@ddrown I like the idea of the passphrase made of a fixed set of words, but 4000 words is going to take a lot of flash. Yeah, around 35kb. I could possibly lower that (12kb?) if I stored it as a tree structure. Combining https://en.wikipedia.org/wiki/Incremental_encoding and a 127 element dictionar...
by ddrown
Mon Dec 04, 2017 2:32 am
Forum: General discussion
Topic: Password storage on a BluePill
Replies: 35
Views: 547

Re: Password storage on a BluePill

@ddrown I like the idea of the passphrase made of a fixed set of words, but 4000 words is going to take a lot of flash. Yeah, around 35kb. I could possibly lower that (12kb?) if I stored it as a tree structure. Re: Cost of GPU rigs to brute for etc Ultimately everything is hackable, with enough bud...
by ddrown
Mon Dec 04, 2017 12:07 am
Forum: General discussion
Topic: Password storage on a BluePill
Replies: 35
Views: 547

Re: Password storage on a BluePill

Thanks guys @ddrown The open source project you linked to was interested, but I don’t know if it’s the same sort of device I was thinking about. Yup, it's not exactly the same. It stores PGP keys instead of passwords. But the storage of those secrets would be very similar, so those parts of the des...
by ddrown
Sun Dec 03, 2017 6:40 pm
Forum: General discussion
Topic: Password storage on a BluePill
Replies: 35
Views: 547

Re: Password storage on a BluePill

This is an interesting project. I think this other stm32f103 based project could have some relevant design/code: https://github.com/RaymiiOrg/gnuk/blob/master/README Something to help make the brute force harder would be to use a brute force resistant hash like PBKDF2 as well as allowing a longer pa...
by ddrown
Mon Oct 09, 2017 10:45 pm
Forum: Code snipplets
Topic: 32-bit timers
Replies: 9
Views: 353

Re: 32-bit timers

dannyf wrote:
Mon Oct 09, 2017 9:02 pm
more than one way of doing the same thing, :)
That's very true!