-
-
Notifications
You must be signed in to change notification settings - Fork 600
Random password
This app use AFSK demodulated data as random seeds for each char, use LCG + one more random layer as PRNG algorithms to generate passwords.
In theory if the quality of seeds (which is from mostly radio noise) is good enough, then the password randomization would be good enough. But usually they are not, or we don’t know, or they do but not stable. So even if this is more secure than many other PRNG generators, in the best case it even can be considered as TRNG generators, don’t use this at high security scenes, for example money-related things.
All the “send” button/checkbox in this app means send via serial async messages, check serial page in this wiki for more details.
Flood mode is from streaming generated code, this will always streaming into serial, alternatively you can check the savin checkbox to save generated codes and seeds. Keep in mind that with seeds, you can generated same code with proper PRNG, so they are same level of security, don’t leak them.
There are two dimensions of password safety:
- Entropy: When you generate mass of password, it should split evenly in the possible space, that controls password quality. In this app, the only entropy provider is the demodulated AFSK data. the LCG/ sha-512/ shuffle algo won't bring more entropy.
- Randomness: It controls how many total possibilities can be generated. In this app, the only randomness provider is the "each digits using different seed in the buffer" algorithm, which spread the total possible combination into the max value of possibility: (CHARNUMBER)^{DIGITS}.
Algo / Source | Bring Entropy ? | Bring Randomization ? | Bring difficult to reverse calculation ? | Made it harder to Brute-Force ? | Time Complexity and Space Complexity |
---|---|---|---|---|---|
Use time as seeds to pick a random frequency with LCG to fetch AFSK data | 🚫 | ✅ | 🚫 | 🚫 | O(1) - O(1) |
The original demodulated AFSK data as seeds | ✅ | 🚫 | 🚫 | 🚫 | O(1) - O(1) |
Each digits using different seed in the buffer | ✅ | 🚫 | 🚫 | ✅ | O(n^DITIGS_NUMBER) - O(n^DITIGS_NUMBER) |
The LCG PRNG algo inside of cpp STL | 🚫 | ✅ | 🚫 | 🚫 | O(n) - O(1) |
Shuffle with two groups of seeds | 🚫 | ✅ | 🚫 | ✅ | O(n) - O(n) |
The SHA-512 hash algo | 🚫 | ✅ | ✅ | 🚫 | O(n) - O(1) |
Result | ✅ x 2 | ✅ * 4 | ✅ * 1 | ✅ * 2 |
Note
The wiki is incomplete. Please add content and collaborate.
Important
- This is a public wiki. Everything is visible to everyone. Don't use it for personal notes.
- Avoid linking to external tutorials/articles; they may become outdated or contain false information.
How to collaborate
How to ask questions correctly
- First steps
- Usage cautions
- Intended use and Legality
- Features
- PortaPack Versions (which one to buy)
- HackRF Versions
- Firmware update procedure
- Description of the hardware
- User interface
- Powering the PortaPack
-
Troubleshooting
- Won't boot
- Config Menu
- Firmware upgrade
- Diagnose firmware update in Windows
- Receive Quality Issues
- No TX/RX
- TX Carrier Only
- H2+ speaker modifications
- Dead Coin Cell Battery
- Factory Defaults
- SD card not recognized by PC with the SD-card over USB selected
- DFU overlay
- Full reset
- SolveBoard
- How to Format SDCard
- Applications
-
Compilation of the firmware
- Compile on WSL with ninja
- How to compile on Windows faster with WSL 2
- Using Docker and Kitematic
- Docker command-line reference
- Using Buddyworks and other CI platforms
- Notes for Buddy.Works (and other CI platforms)
- Using ARM on Debian host
- All in one script for ARM on Debian host
- Compile on Arch based distro (exclude Asahi)
- Dev build versions
- Notes About ccache
- Create a custom map
- Code formatting
- PR process
- Description of the Structure
- Software Dev Guides
- Tools
- Research
- UI Screenshots
- Maintaining
- Creating a prod/stable release (Maintainers only)
- Maintaining rules
- Development States Notes