I found the first part of the post a little bit cryptic (no pun intended). Since the second part is not just aimed at an audience with technical security knowledge, maybe at least including Shannon’s maxim and a link to info-hazard (ok, that one is not technical) would help. Though after googling it, I still don’t understand the part about Shannon’s maxim, e.g.,
Generating a password with a high amount of “entropy” is just a way of ensuring that password crackers are very unlikely to break them without violating Shannon’s maxim.
If Shannon’s maxim is: “The enemy knows the system”, violating means that they do not know it? How does not knowing the system help crackers crack high-entropy passwords? Or is “violating Shannon’s maxim” to say that the attacker knows the secret key? In that case, wouldn’t it be better to say “violating Kerckhoffs’s principle”? (I prefer Kerckhoffs’s principle anyway, Shannon’s maxim seems IMO just a more cryptic (sorry again) restatement of it.)
Violating Shannon’s maxim means making a security system that is insecure if an attacker knows how the system works. In this case, a password generation mechanism like “use the most memorable password not in the password cracking list” violates Shannon’s maxim—if an attacker knows you’re doing that he can generate such passwords himself and test them against the password hash. A password generation mechanism like “select 18 random hexadecimal characters” is secure even if an attacker knows you’re doing that, because you’re randomly selecting from 16^18 possible passwords.
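An added example (not from the post or either commenter) contrasting the two schemes in the reply above: the "most memorable word not on the cracking list" generator is fully reproducible from public inputs, while the 18-hex-character generator keeps its full 16^18 guess space even when the method is known. The candidate list, cracking list and guess rate are constructed placeholders.

```python
import math
import secrets
import string

HEX_ALPHABET = string.hexdigits[:16].lower()  # "0123456789abcdef"
SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Constructed sample inputs: both lists are public knowledge in this model.
CANDIDATES = ["password", "letmein", "sunshine2024", "purplemonkey"]  # by memorability
CRACKING_LIST = {"password", "letmein", "123456"}


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Bits of entropy in a password chosen uniformly from alphabet_size**length
    candidates: log2(16**18) = 72 for the hex scheme. This is the search space an
    attacker faces even when the scheme itself is known (Shannon's maxim holds)."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Time to try every candidate at a given (constructed) hash-cracking rate."""
    return 2 ** bits / guesses_per_second / SECONDS_PER_YEAR


def random_hex_password(length: int = 18) -> str:
    """The 'select 18 random hexadecimal characters' scheme, using the OS CSPRNG
    so every one of the 16**18 strings is equally likely."""
    return "".join(secrets.choice(HEX_ALPHABET) for _ in range(length))


def memorable_password(candidates: list[str], cracking_list: set[str]) -> str:
    """The 'most memorable password not in the cracking list' scheme. It is a
    deterministic function of public inputs, so knowing the method reveals the
    password outright: zero bits of entropy, whatever the word looks like."""
    for word in candidates:
        if word not in cracking_list:
            return word
    raise ValueError("every candidate is on the cracking list")


def scheme_is_reproducible(candidates: list[str], cracking_list: set[str]) -> bool:
    """Anyone who knows the scheme and its public inputs gets the same output."""
    return memorable_password(candidates, cracking_list) == memorable_password(
        candidates, cracking_list
    )
```

At a constructed rate of 10^12 guesses per second, exhausting the 72-bit hex space takes on the order of 150 years, while the memorable scheme is recovered in a single guess.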
Otherwise, nice post.
I’ve heard it go by the name security through obscurity (see https://en.wikipedia.org/wiki/Security_through_obscurity).