Mirrors
/
open-keychain
mirror of https://github.com/open-keychain/open-keychain.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated Backups (markdown)

Dominik Schürmann 2016-01-06 01:35:04 +01:00
parent d774f73d80
commit 98eac2236a
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Backups.md

@ -33,4 +33,4 @@ Example: ``TWNK-KDEY-MTWT-EVGS-DRDB-KVTW``
* [2015, Jun Ho Huh et al.: On the Memorability of System-generated PINs: Can Chunking Help?](http://lersse-dl.ece.ubc.ca/record/304/files/soups2015-final110.pdf)
* [2006, Deborah S. Carstens, Linda C. Malone, Pamela McCauley-Bell: Applying Chunking Theory in Organizational Password Guidelines](http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.97.2782&rep=rep1&type=pdf)
* Security level: Possible combinations are 26^24 = 2^112.8. This is enough to be protected against offline brute force attacks.
* The generated backup code is used directly for encrypting an OpenPGP message (more precisely: It is used for the [Symmetric-Key Encrypted Session Key Packet](http://tools.ietf.org/html/rfc4880#section-5.3)). The whole backup code, e.g., ``TWNK-KDEY-MTWT-EVGS-DRDB-KVTW`` (including the dashes), is used as a symmetric-key. Dashes are included to ease decryption using OpenPGP implementations that don't offer special dialogs for entering backup codes and only support single text fields for entering passwords.
* The generated backup code is used directly for encrypting an OpenPGP message (more precisely: It is used for the [Symmetric-Key Encrypted Session Key Packet](http://tools.ietf.org/html/rfc4880#section-5.3)). The whole backup code, e.g., ``TWNK-KDEY-MTWT-EVGS-DRDB-KVTW`` (including the dashes -> 29 characters long), is used as a symmetric-key. Dashes are included to ease decryption using OpenPGP implementations that don't offer special dialogs for entering backup codes and only support single text fields for entering passwords.