1. Forum
  2. Usenet
  3. SCI.CRYPT

  • [dpass] - passcodes instead of passwords for symmetric encryption

    From Stefan Claas@21:1/5 to All on Sun Feb 23 11:02:19 2025
    XPost: alt.cypherpunks

    Hi all,

    while playing with TOTP https://github.com/706f6c6c7578/TOTP I thought
    it may be useful to have an option to generate deterministic passcoded,
    valid for 24 hrs, instead of using passwords, for symmetric encryption.

    $ dpass -h
    Usage: dpass [options]

    Options:
    -p string
    Shared password for deterministic passcode generation
    -s string
    Shared salt for deterministic passcode generation
    -l int
    Length of the generated passcode (Default 16)
    -h
    Show this help message and exit

    $ dpass
    Enter the shared password: test
    Enter the shared salt: test
    Passcode (16 characters): 4PFVCHS4DMZTPAZG
    Valid from 2025-02-23 00:00:00 UTC to 2025-02-23 23:59:59 UTC.

    What do you think about using passcodes for symmetric encryption?

    Regards
    Stefan

    --
    Onion Courier Home Server Mon-Fri 15:00-21:00 UTC Sat-Sun 11:00-21:00 UTC ohpmsq5ypuw5nagt2jidfyq72jvgw3fdvq37txhnm5rfbhwuosftzuyd.onion:8080 inbox
    age1yubikey1qv5z678j0apqhd4ng7p22g4da8vxy3q5uvthg6su76yj0y8v7wp5kvhstum

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Stefan Claas@21:1/5 to Stefan Claas on Sun Feb 23 11:05:39 2025
    XPost: alt.cypherpunks

    Stefan Claas wrote:

    Hi all,

    while playing with TOTP https://github.com/706f6c6c7578/TOTP I thought
    it may be useful to have an option to generate deterministic passcoded,
    valid for 24 hrs, instead of using passwords, for symmetric encryption.

    $ dpass -h
    Usage: dpass [options]

    Options:
    -p string
    Shared password for deterministic passcode generation
    -s string
    Shared salt for deterministic passcode generation
    -l int
    Length of the generated passcode (Default 16)
    -h
    Show this help message and exit

    $ dpass
    Enter the shared password: test
    Enter the shared salt: test
    Passcode (16 characters): 4PFVCHS4DMZTPAZG
    Valid from 2025-02-23 00:00:00 UTC to 2025-02-23 23:59:59 UTC.

    What do you think about using passcodes for symmetric encryption?

    Forgot URL, sorry: https://github.com/706f6c6c7578/dpass

    Regards
    Stefan

    --
    Onion Courier Home Server Mon-Fri 15:00-21:00 UTC Sat-Sun 11:00-21:00 UTC ohpmsq5ypuw5nagt2jidfyq72jvgw3fdvq37txhnm5rfbhwuosftzuyd.onion:8080 inbox
    age1yubikey1qv5z678j0apqhd4ng7p22g4da8vxy3q5uvthg6su76yj0y8v7wp5kvhstum

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Chax Plore@21:1/5 to Stefan Claas on Sun Feb 23 14:39:00 2025
    XPost: alt.cypherpunks

    On 2025-02-23 11:02, Stefan Claas wrote:
    Hi all,

    while playing with TOTP https://github.com/706f6c6c7578/TOTP I thought
    it may be useful to have an option to generate deterministic passcoded,
    valid for 24 hrs, instead of using passwords, for symmetric encryption.

    $ dpass -h
    Usage: dpass [options]

    Options:
    -p string
    Shared password for deterministic passcode generation
    -s string
    Shared salt for deterministic passcode generation
    -l int
    Length of the generated passcode (Default 16)
    -h
    Show this help message and exit

    $ dpass
    Enter the shared password: test
    Enter the shared salt: test
    Passcode (16 characters): 4PFVCHS4DMZTPAZG
    Valid from 2025-02-23 00:00:00 UTC to 2025-02-23 23:59:59 UTC.

    What do you think about using passcodes for symmetric encryption?

    Regards
    Stefan


    Entering passwords in commandline is a heresy.

    --

    -----BEGIN PGP PUBLIC KEY FINGERPRINT-----
    5745 807C 2B82 14D8 AB06 422C 8876 5DFC 2A51 778C
    ------END PGP PUBLIC KEY FINGERPRINT------

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Stefan Claas@21:1/5 to Chax Plore on Sun Feb 23 14:45:18 2025
    XPost: alt.cypherpunks

    Chax Plore wrote:

    Entering passwords in commandline is a heresy.

    How do you do that with GnuPG when using symmetric encryption?

    Regards
    Stefan

    --
    Onion Courier Home Server Mon-Fri 15:00-21:00 UTC Sat-Sun 11:00-21:00 UTC ohpmsq5ypuw5nagt2jidfyq72jvgw3fdvq37txhnm5rfbhwuosftzuyd.onion:8080 inbox
    age1yubikey1qv5z678j0apqhd4ng7p22g4da8vxy3q5uvthg6su76yj0y8v7wp5kvhstum

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Chax Plore@21:1/5 to Stefan Claas on Mon Feb 24 17:27:21 2025
    XPost: alt.cypherpunks

    On 2025-02-23 14:45, Stefan Claas wrote:
    Chax Plore wrote:

    Entering passwords in commandline is a heresy.

    How do you do that with GnuPG when using symmetric encryption?

    Regards
    Stefan

    I am not entering passwords in commandline.
    I am entering them interactively in GPG TUI.

    --

    -----BEGIN PGP PUBLIC KEY FINGERPRINT-----
    5745 807C 2B82 14D8 AB06 422C 8876 5DFC 2A51 778C
    ------END PGP PUBLIC KEY FINGERPRINT------

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)