Filter
Top Products
Chapter 3 Cryptography 93
Security Considerations
attacker can predict two or three of the bits in each seed byte. Bit 7, for instance, will
always be 0. Furthermore, many of the keystrokes can be predicted: they will
probably be lowercase letters that alternate between the left and right hand. Analysis
of this issue has determined that there is only one bit of entropy from each keystroke
(think of the term “entropy” as “unrepeatability”). When using keystrokes, use at
least one for each bit of key size.
There are other schemes for finding seed bytes, including tracking mouse movements,
timing keystrokes, “listening” to hardware noise, or capturing machine state
information. Many schemes will provide more than one bit of entropy per byte of
seed; however, it is an easy-to-remember rule of thumb to use as many bytes of seed
data as bits of key.
Whatever the scheme, it may seem unusual to expend more effort to produce a seed
than it will take to produce the random key data itself. Why not simply use the seed
data in the key? The strength of cryptography relies on key data that is random or
pseudo-random. If an attacker knows that the key data is not random, cracking the
cipher becomes easier. The seed will almost certainly not be random. The attacker
may not be able to repeat the seed gathering process exactly, but non-random key
data leaves a cipher algorithm as a whole open to various attacks. Hence, use a large
unrepeatable seed to generate pseudo-random data.
Choosing Passwords
In almost any security application, users are required to have passwords that indicate
authorized access to the system. Often, when given a choice, users choose the same
password for various applications. For instance, they may use their login password to
encrypt a private key. Many times, users will choose passwords an attacker can easily
deduce. Therefore, it is a good idea for developers to build good password protocols
into their applications. Following is a list of possible guidelines for choosing
passwords.
• Enforce a minimum password length, generally eight characters.
• Inform users to avoid easy to guess passwords, such as common names or
birthday dates.
• Check an entered password against a dictionary.
• Require a combination of numeric, special, and upper- and lower-case alphabetic
characters.
• Include support for password expiration dates to limit the available searching
time an attacker has to break into the system.