git.schokokeks.org
Repositories
Help
Report an Issue
derivepassphrase.git
Code
Commits
Branches
Tags
Suche
Strukturansicht:
38270c4
Branches
Tags
documentation-tree
master
unstable/modularize-and-refactor-test-machinery
unstable/ssh-agent-socket-providers
wishlist
0.1.0
0.1.1
0.1.2
0.1.3
0.2.0
0.3.0
0.3.1
0.3.2
0.3.3
0.4.0
0.5.1
0.5.2
derivepassphrase.git
0.x
explanation
faq-vault-interchangable-passphrases
index.html
Deployed ee6f43b6be48 to 0.x with MkDocs 1.6.1 and mike 2.1.3
Marco Ricci
commited
38270c4
at 2025-06-24 22:13:29
index.html
Blame
History
Raw
<!doctype html> <html lang="en" class="no-js"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width,initial-scale=1"> <meta name="description" content="An almost faithful Python reimplementation of James Coglan's vault."> <meta name="author" content="Marco Ricci"> <link rel="canonical" href="https://the13thletter.info/derivepassphrase/0.x/explanation/faq-vault-interchangable-passphrases/"> <link rel="prev" href="../faq-altered-versions/"> <link rel="next" href="../../changelog/"> <link rel="icon" href="../../assets/images/favicon.png"> <meta name="generator" content="mkdocs-1.6.1, mkdocs-material-9.6.14"> <title>What are "interchangable passphrases" in `vault`, and what does that mean in practice? - derivepassphrase</title> <link rel="stylesheet" href="../../assets/stylesheets/main.342714a4.min.css"> <style>:root{--md-text-font:"Noto Sans";--md-code-font:"Noto Mono"}</style> <link rel="stylesheet" href="../../assets/_mkdocstrings.css"> <link rel="stylesheet" href="../../mkdocstrings_recommended_styles.css"> <link rel="stylesheet" href="../../wishlist_styling.css"> </head> <body dir="ltr"> <input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off"> <input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off"> <label class="md-overlay" for="__drawer"></label> <div data-md-component="skip"> <a href="#what-are-interchangable-passphrases-in-vault-and-what-does-that-mean-in-practice" class="md-skip"> Skip to content </a> </div> <div data-md-component="announce"> </div> <div data-md-color-scheme="default" data-md-component="outdated" hidden> </div> <div class="md-container" data-md-component="container"> <nav class="md-tabs" aria-label="Tabs" data-md-component="tabs"> <div class="md-grid"> <ul class="md-tabs__list"> <li class="md-tabs__item"> <a href="../.." class="md-tabs__link"> Overview </a> </li> <li class="md-tabs__item"> <a href="../../tutorials/" class="md-tabs__link"> Tutorials & Examples </a> </li> <li class="md-tabs__item"> <a href="../../how-tos/" class="md-tabs__link"> How-Tos </a> </li> <li class="md-tabs__item"> <a href="../../reference/" class="md-tabs__link"> Reference </a> </li> <li class="md-tabs__item md-tabs__item--active"> <a href="../" class="md-tabs__link"> Design & Background </a> </li> <li class="md-tabs__item"> <a href="../../changelog/" class="md-tabs__link"> Changelog </a> </li> <li class="md-tabs__item"> <a href="../../wishlist/" class="md-tabs__link"> Wishlist </a> </li> </ul> </div> </nav> <main class="md-main" data-md-component="main"> <div class="md-main__inner md-grid"> <div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" > <div class="md-sidebar__scrollwrap"> <div class="md-sidebar__inner"> <nav class="md-nav md-nav--primary md-nav--lifted" aria-label="Navigation" data-md-level="0"> <label class="md-nav__title" for="__drawer"> <a href="../.." title="derivepassphrase" class="md-nav__button md-logo" aria-label="derivepassphrase" data-md-component="logo"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54"/></svg> </a> derivepassphrase </label> <div class="md-nav__source"> <a href="https://git.schokokeks.org/derivepassphrase.git" title="Go to repository" class="md-source" data-md-component="source"> <div class="md-source__icon md-icon"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.7.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2024 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81"/></svg> </div> <div class="md-source__repository"> the-13th-letter/derivepassphrase </div> </a> </div> <ul class="md-nav__list" data-md-scrollfix> <li class="md-nav__item"> <a href="../.." class="md-nav__link"> <span class="md-ellipsis"> Overview </span> </a> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_2" > <div class="md-nav__link md-nav__container"> <a href="../../tutorials/" class="md-nav__link "> <span class="md-ellipsis"> Tutorials & Examples </span> </a> <label class="md-nav__link " for="__nav_2" id="__nav_2_label" tabindex="0"> <span class="md-nav__icon md-icon"></span> </label> </div> <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="false"> <label class="md-nav__title" for="__nav_2"> <span class="md-nav__icon md-icon"></span> Tutorials & Examples </label> <ul class="md-nav__list" data-md-scrollfix> <li class="md-nav__item"> <a href="../../tutorials/basic-setup-passphrase/" class="md-nav__link"> <span class="md-ellipsis"> Setting up derivepassphrase vault for three accounts, with a master passphrase </span> </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_3" > <div class="md-nav__link md-nav__container"> <a href="../../how-tos/" class="md-nav__link "> <span class="md-ellipsis"> How-Tos </span> </a> <label class="md-nav__link " for="__nav_3" id="__nav_3_label" tabindex="0"> <span class="md-nav__icon md-icon"></span> </label> </div> <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="false"> <label class="md-nav__title" for="__nav_3"> <span class="md-nav__icon md-icon"></span> How-Tos </label> <ul class="md-nav__list" data-md-scrollfix> <li class="md-nav__item"> <a href="../../how-tos/ssh-key/" class="md-nav__link"> <span class="md-ellipsis"> How to set up derivepassphrase vault with an SSH key </span> </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_4" > <div class="md-nav__link md-nav__container"> <a href="../../reference/" class="md-nav__link "> <span class="md-ellipsis"> Reference </span> </a> <label class="md-nav__link " for="__nav_4" id="__nav_4_label" tabindex="0"> <span class="md-nav__icon md-icon"></span> </label> </div> <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_4_label" aria-expanded="false"> <label class="md-nav__title" for="__nav_4"> <span class="md-nav__icon md-icon"></span> Reference </label> <ul class="md-nav__list" data-md-scrollfix> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_4_2" > <label class="md-nav__link" for="__nav_4_2" id="__nav_4_2_label" tabindex="0"> <span class="md-ellipsis"> Man pages </span> <span class="md-nav__icon md-icon"></span> </label> <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_4_2_label" aria-expanded="false"> <label class="md-nav__title" for="__nav_4_2"> <span class="md-nav__icon md-icon"></span> Man pages </label> <ul class="md-nav__list" data-md-scrollfix> <li class="md-nav__item"> <a href="../../reference/derivepassphrase.1/" class="md-nav__link"> <span class="md-ellipsis"> derivepassphrase(1) </span> </a> </li> <li class="md-nav__item"> <a href="../../reference/derivepassphrase-vault.1/" class="md-nav__link"> <span class="md-ellipsis"> derivepassphrase-vault(1) </span> </a> </li> <li class="md-nav__item"> <a href="../../reference/derivepassphrase-export.1/" class="md-nav__link"> <span class="md-ellipsis"> derivepassphrase-export(1) </span> </a> </li> <li class="md-nav__item"> <a href="../../reference/derivepassphrase-export-vault.1/" class="md-nav__link"> <span class="md-ellipsis"> derivepassphrase-export-vault(1) </span> </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_4_3" > <label class="md-nav__link" for="__nav_4_3" id="__nav_4_3_label" tabindex="0"> <span class="md-ellipsis"> API docs: Module derivepassphrase </span> <span class="md-nav__icon md-icon"></span> </label> <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_4_3_label" aria-expanded="false"> <label class="md-nav__title" for="__nav_4_3"> <span class="md-nav__icon md-icon"></span> API docs: Module derivepassphrase </label> <ul class="md-nav__list" data-md-scrollfix> <li class="md-nav__item"> <a href="../../reference/derivepassphrase.cli/" class="md-nav__link"> <span class="md-ellipsis"> Submodule cli </span> </a> </li> <li class="md-nav__item"> <a href="../../reference/derivepassphrase.exporter/" class="md-nav__link"> <span class="md-ellipsis"> Subpackage exporter </span> </a> </li> <li class="md-nav__item"> <a href="../../reference/derivepassphrase.sequin/" class="md-nav__link"> <span class="md-ellipsis"> Submodule sequin </span> </a> </li> <li class="md-nav__item"> <a href="../../reference/derivepassphrase.ssh_agent/" class="md-nav__link"> <span class="md-ellipsis"> Submodule ssh_agent </span> </a> </li> <li class="md-nav__item"> <a href="../../reference/derivepassphrase._types/" class="md-nav__link"> <span class="md-ellipsis"> Submodule _types </span> </a> </li> <li class="md-nav__item"> <a href="../../reference/derivepassphrase.vault/" class="md-nav__link"> <span class="md-ellipsis"> Submodule vault </span> </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_4_4" > <label class="md-nav__link" for="__nav_4_4" id="__nav_4_4_label" tabindex="0"> <span class="md-ellipsis"> Technical prerequisites </span> <span class="md-nav__icon md-icon"></span> </label> <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_4_4_label" aria-expanded="false"> <label class="md-nav__title" for="__nav_4_4"> <span class="md-nav__icon md-icon"></span> Technical prerequisites </label> <ul class="md-nav__list" data-md-scrollfix> <li class="md-nav__item"> <a href="../../reference/prerequisites-ssh-key/" class="md-nav__link"> <span class="md-ellipsis"> Using derivepassphrase vault with an SSH key </span> </a> </li> </ul> </nav> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5" checked> <div class="md-nav__link md-nav__container"> <a href="../" class="md-nav__link "> <span class="md-ellipsis"> Design & Background </span> </a> <label class="md-nav__link " for="__nav_5" id="__nav_5_label" tabindex=""> <span class="md-nav__icon md-icon"></span> </label> </div> <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_5_label" aria-expanded="true"> <label class="md-nav__title" for="__nav_5"> <span class="md-nav__icon md-icon"></span> Design & Background </label> <ul class="md-nav__list" data-md-scrollfix> <li class="md-nav__item"> <a href="../faq-altered-versions/" class="md-nav__link"> <span class="md-ellipsis"> "altered versions" license requirement </span> </a> </li> <li class="md-nav__item md-nav__item--active"> <input class="md-nav__toggle md-toggle" type="checkbox" id="__toc"> <label class="md-nav__link md-nav__link--active" for="__toc"> <span class="md-ellipsis"> "interchangable passphrases" in vault </span> <span class="md-nav__icon md-icon"></span> </label> <a href="./" class="md-nav__link md-nav__link--active"> <span class="md-ellipsis"> "interchangable passphrases" in vault </span> </a> <nav class="md-nav md-nav--secondary" aria-label="Table of contents"> <label class="md-nav__title" for="__toc"> <span class="md-nav__icon md-icon"></span> Table of contents </label> <ul class="md-nav__list" data-md-component="toc" data-md-scrollfix> <li class="md-nav__item"> <a href="#what-are-interchangable-passphrases" class="md-nav__link"> <span class="md-ellipsis"> What are “interchangable passphrases”? </span> </a> </li> <li class="md-nav__item"> <a href="#what-is-the-hmac-key-mapping-procedure" class="md-nav__link"> <span class="md-ellipsis"> What is the HMAC key mapping procedure? </span> </a> </li> <li class="md-nav__item"> <a href="#what-effect-does-the-hmac-key-mapping-procedure-have-on-key-security" class="md-nav__link"> <span class="md-ellipsis"> What effect does the HMAC key mapping procedure have on key security? </span> </a> </li> <li class="md-nav__item"> <a href="#what-effect-does-the-hmac-key-mapping-procedure-have-on-derivepassphrase" class="md-nav__link"> <span class="md-ellipsis"> What effect does the HMAC key mapping procedure have on derivepassphrase? </span> </a> </li> </ul> </nav> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_6" > <label class="md-nav__link" for="__nav_6" id="__nav_6_label" tabindex="0"> <span class="md-ellipsis"> Changelog </span> <span class="md-nav__icon md-icon"></span> </label> <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_6_label" aria-expanded="false"> <label class="md-nav__title" for="__nav_6"> <span class="md-nav__icon md-icon"></span> Changelog </label> <ul class="md-nav__list" data-md-scrollfix> <li class="md-nav__item"> <a href="../../changelog/" class="md-nav__link"> <span class="md-ellipsis"> Changelog </span> </a> </li> <li class="md-nav__item"> <a href="../../upgrade-notes/" class="md-nav__link"> <span class="md-ellipsis"> Upgrade notes </span> </a> </li> <li class="md-nav__item"> <a href="../../pycompatibility/" class="md-nav__link"> <span class="md-ellipsis"> Python compatibility </span> </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_7" > <div class="md-nav__link md-nav__container"> <a href="../../wishlist/" class="md-nav__link "> <span class="md-ellipsis"> Wishlist </span> </a> </div> <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_7_label" aria-expanded="false"> <label class="md-nav__title" for="__nav_7"> <span class="md-nav__icon md-icon"></span> Wishlist </label> <ul class="md-nav__list" data-md-scrollfix> </ul> </nav> </li> </ul> </nav> </div> </div> </div> <div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" > <div class="md-sidebar__scrollwrap"> <div class="md-sidebar__inner"> <nav class="md-nav md-nav--secondary" aria-label="Table of contents"> <label class="md-nav__title" for="__toc"> <span class="md-nav__icon md-icon"></span> Table of contents </label> <ul class="md-nav__list" data-md-component="toc" data-md-scrollfix> <li class="md-nav__item"> <a href="#what-are-interchangable-passphrases" class="md-nav__link"> <span class="md-ellipsis"> What are “interchangable passphrases”? </span> </a> </li> <li class="md-nav__item"> <a href="#what-is-the-hmac-key-mapping-procedure" class="md-nav__link"> <span class="md-ellipsis"> What is the HMAC key mapping procedure? </span> </a> </li> <li class="md-nav__item"> <a href="#what-effect-does-the-hmac-key-mapping-procedure-have-on-key-security" class="md-nav__link"> <span class="md-ellipsis"> What effect does the HMAC key mapping procedure have on key security? </span> </a> </li> <li class="md-nav__item"> <a href="#what-effect-does-the-hmac-key-mapping-procedure-have-on-derivepassphrase" class="md-nav__link"> <span class="md-ellipsis"> What effect does the HMAC key mapping procedure have on derivepassphrase? </span> </a> </li> </ul> </nav> </div> </div> </div> <div class="md-content" data-md-component="content"> <article class="md-content__inner md-typeset"> <a href="https://git.schokokeks.org/derivepassphrase.git/raw/master/docs/explanation/faq-vault-interchangable-passphrases.md" title="View source of this page" class="md-content__button md-icon"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M17 18c.56 0 1 .44 1 1s-.44 1-1 1-1-.44-1-1 .44-1 1-1m0-3c-2.73 0-5.06 1.66-6 4 .94 2.34 3.27 4 6 4s5.06-1.66 6-4c-.94-2.34-3.27-4-6-4m0 6.5a2.5 2.5 0 0 1-2.5-2.5 2.5 2.5 0 0 1 2.5-2.5 2.5 2.5 0 0 1 2.5 2.5 2.5 2.5 0 0 1-2.5 2.5M9.27 20H6V4h7v5h5v4.07c.7.08 1.36.25 2 .49V8l-6-6H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h4.5a8.2 8.2 0 0 1-1.23-2"/></svg> </a> <h1 id="what-are-interchangable-passphrases-in-vault-and-what-does-that-mean-in-practice">What are “interchangable passphrases” in <code>vault</code>, and what does that mean in practice?<a class="headerlink" href="#what-are-interchangable-passphrases-in-vault-and-what-does-that-mean-in-practice" title="Permanent link">¶</a></h1> <h2 id="what-are-interchangable-passphrases">What are “interchangable passphrases”?<a class="headerlink" href="#what-are-interchangable-passphrases" title="Permanent link">¶</a></h2> <p>The “vault” derivation scheme internally uses PBKDF2-HMAC-SHA1<sup id="fnref:1"><a class="footnote-ref" href="#fn:1">1</a></sup> to turn the master passphrase<sup id="fnref:2"><a class="footnote-ref" href="#fn:2">2</a></sup> into a pseudo-random bit sequence, which then drives the actual passphrase derivation. In this context, the master passphrase is passed directly as a key to HMAC-SHA1, and because HMAC-SHA1 requires keys of exactly 64 bytes size, the key is thus subject to the HMAC key mapping procedure. Because the mapping of infinitely many arbitrarily sized keys to 64-byte sized keys cannot be one-to-one, there exist pairs of keys that behave identically when passed into (PBKDF2-)HMAC-SHA1, i.e., the keys (master passphrases) are “interchangable” from the vault scheme’s perspective.</p> <p>Fundamentally, this is an issue of <em>encoding</em>: the master passphrase is interpreted as an encoding of the HMAC-SHA1 key, and this encoding is not unique, so the effective space of HMAC-SHA1 keys is reduced through the presence of “non-canonical” encodings of keys.</p> <h2 id="what-is-the-hmac-key-mapping-procedure">What is the HMAC key mapping procedure?<a class="headerlink" href="#what-is-the-hmac-key-mapping-procedure" title="Permanent link">¶</a></h2> <details class="abstract" open="open"> <summary>HMAC key mapping procedure</summary> <p>Let <var>MP</var> denote the master passphrase, and let <var>K</var> denote the HMAC key candidate. Let <var>B</var> denote the block size of HMAC-SHA1 in bytes, i.e., <code>64</code>. At the beginning, <var>K</var> = <var>MP</var>.</p> <ol> <li>If <var>K</var> (= <var>MP</var>) is larger than <var>B</var>, set <var>K</var> to <code>SHA1(K)</code>. This updates <var>K</var> for all further steps below.</li> <li>If <var>K</var> is smaller than <var>B</var>, append as many NUL bytes as necessary to extend <var>K</var> to size <var>B</var>.</li> <li>Use <var>K</var> as the HMAC key.</li> </ol> </details> <h2 id="what-effect-does-the-hmac-key-mapping-procedure-have-on-key-security">What effect does the HMAC key mapping procedure have on key security?<a class="headerlink" href="#what-effect-does-the-hmac-key-mapping-procedure-have-on-key-security" title="Permanent link">¶</a></h2> <p>The key space shrinks to 99.6% of its original size. But since it started out as astronomically large (2<sup>512</sup>), it <em>still</em> is astronomically large.</p> <details class="example"> <summary>Mathematical details: key space</summary> <table> <thead> <tr> <th style="text-align: left;">variant</th> <th style="text-align: left;">key space size</th> <th style="text-align: left;">fraction of total size</th> </tr> </thead> <tbody> <tr> <td style="text-align: left;">64-byte keys only</td> <td style="text-align: left;">256<sup>64</sup> = 13407807929942597099574024998205846127479365820592393377723561443721764030073546976801874298166903427690031858186486050853753882811946569946433649006084096</td> <td style="text-align: left;">99.609375%</td> </tr> <tr> <td style="text-align: left;">full key size up to 64 bytes</td> <td style="text-align: left;">(256<sup>65</sup> – 1) / (256 – 1) = 13460387568883548460748825096238025916214579019888834136067575410167731732152266768867764001296969715641757473316629133406121545097483615318772604492382465</td> <td style="text-align: left;">100%</td> </tr> </tbody> </table> <p>The key space sizes can be calculated using the following formulas. Let <var>q</var> = <code>256</code> denote the alphabet size of binary strings, and let <var>n</var> denote the string length. The total count of all strings of size <var>n</var> is <var>q</var><sup><var>n</var></sup>, and the total count of all strings up to (and including) size <var>n</var> is (<var>q</var><sup><var>n</var> + 1</sup> – 1) / (<var>q</var> – 1) per the formula for geometric series.</p> <p>Verification:</p> <div class="highlight"><pre><span></span><code><span class="gp">$ </span><span class="c1"># using GNU bc 1.07.1</span> <span class="gp">$ </span> <span class="gp">$ </span><span class="nv">BC_LINE_LENGTH</span><span class="o">=</span><span class="m">0</span><span class="w"> </span>bc<span class="w"> </span><<<span class="s1">'HERE'</span> <span class="go">> # The total count of size 64 byte strings.</span> <span class="go">> 256^64</span> <span class="go">> # The total count of byte strings of size 64 or less.</span> <span class="go">> (256^65 - 1) / (256 - 1)</span> <span class="go">> # The fraction of the former within the latter.</span> <span class="go">> scale = 8</span> <span class="go">> (256^64) / ((256^65 - 1) / (256 - 1))</span> <span class="go">> HERE</span> <span class="go">13407807929942597099574024998205846127479365820592393377723561443721764030073546976801874298166903427690031858186486050853753882811946569946433649006084096</span> <span class="go">13460387568883548460748825096238025916214579019888834136067575410167731732152266768867764001296969715641757473316629133406121545097483615318772604492382465</span> <span class="go">.99609375</span> <span class="gp">$ </span> <span class="gp">$ </span><span class="nv">BC_LINE_LENGTH</span><span class="o">=</span><span class="m">0</span><span class="w"> </span>bc<span class="w"> </span><<<span class="s1">'HERE'</span> <span class="go">> # The fraction of unusable keys.</span> <span class="go">> scale = 160</span> <span class="go">> (256^64 - 1) / (256^65 - 1)</span> <span class="go">> 1 / 256</span> <span class="go">> HERE</span> <span class="go">.0039062499999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999997097</span> <span class="go">.0039062500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000</span> </code></pre></div> </details> <p>In particular, assuming a sufficiently secure master passphrase, this mapping procedure is still cryptographically secure against attackers without possession of the master passphrase if the hashing function (here: SHA1) is secure against preimage attacks:</p> <ul> <li> <p>The attacker can attempt to guess a NUL-extended version of the passphrase if it is shorter than or equal in length to 64 bytes. This has the same computational cost as guessing the master passphrase directly, which is cryptographically secure by assumption.</p> </li> <li> <p>The attacker can attempt to guess a hashed and NUL-extended version of the passphrase if it is larger than 64 bytes. This amounts to carrying out a preimage attack against the SHA1 digest of the master passphrase, which is also cryptographically secure by assumption.</p> </li> </ul> <h2 id="what-effect-does-the-hmac-key-mapping-procedure-have-on-derivepassphrase">What effect does the HMAC key mapping procedure have on <code>derivepassphrase</code>?<a class="headerlink" href="#what-effect-does-the-hmac-key-mapping-procedure-have-on-derivepassphrase" title="Permanent link">¶</a></h2> <p><code>derivepassphrase vault</code> does not check for interchangable passphrases, and will happily accept any (non-empty) passphrase it is given. The <a class="autorefs autorefs-internal" title=" Vault" href="../../reference/derivepassphrase.vault/#derivepassphrase.vault.Vault"><code>derivepassphrase.vault.Vault</code></a> class does not check for interchangable passphrases either, and will happily accept any passphrase it is given, even empty ones.</p> <p>Most interchangable variations of a master passphrase contain binary characters such as NUL, or even arbitrary byte sequences, which may be hard to type in or impossible to express in certain storage formats. As such, it is unlikely—but otherwise supported—that the user would want to enter or store a different, interchangable version of their master passphrase in the first place.</p> <div class="footnote"> <hr /> <ol> <li id="fn:1"> <p>PBKDF2 is a key derivation function, published in <a href="https://datatracker.ietf.org/doc/html/rfc2898">RFC 2898</a>. It uses a pseudo-random function such as HMAC-SHA1 (hashed message authentication code, specified in <a href="https://datatracker.ietf.org/doc/html/rfc2104">RFC 2104</a> and using SHA1 as the underlying hash function) when processing its input. PBKDF2 passes the key on to its pseudo-random function, and otherwise only depends on the output of the pseudo-random function, not on the key. <a class="footnote-backref" href="#fnref:1" title="Jump back to footnote 1 in the text">↩</a></p> </li> <li id="fn:2"> <p>If you use a master SSH key, it is first converted to an “equivalent master passphrase”. <a class="footnote-backref" href="#fnref:2" title="Jump back to footnote 2 in the text">↩</a></p> </li> </ol> </div> </article> </div> </div> </main> <footer class="md-footer"> <nav class="md-footer__inner md-grid" aria-label="Footer" > <a href="../faq-altered-versions/" class="md-footer__link md-footer__link--prev" aria-label="Previous: "altered versions" license requirement"> <div class="md-footer__button md-icon"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11z"/></svg> </div> <div class="md-footer__title"> <span class="md-footer__direction"> Previous </span> <div class="md-ellipsis"> "altered versions" license requirement </div> </div> </a> <a href="../../changelog/" class="md-footer__link md-footer__link--next" aria-label="Next: Changelog"> <div class="md-footer__title"> <span class="md-footer__direction"> Next </span> <div class="md-ellipsis"> Changelog </div> </div> <div class="md-footer__button md-icon"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11z"/></svg> </div> </a> </nav> <div class="md-footer-meta md-typeset"> <div class="md-footer-meta__inner md-grid"> <div class="md-copyright"> <div class="md-copyright__highlight"> Copyright © 2025 Marco Ricci (the-13th-letter) </div> Made with <a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener"> Material for MkDocs </a> and <a href="https://mkdocstrings.github.io/python/" target="_blank" rel="noopener"> mkdocstrings-python </a> </div> </div> </div> </footer> </div> <div class="md-dialog" data-md-component="dialog"> <div class="md-dialog__inner md-typeset"></div> </div> </body> </html>
