Diceware Activity

By Drs. Anthony Vance and Dave Eargle

For this activity, you will calculate the strength of a five-word Diceware passphrase in terms of the time and money required to crack it.

The Diceware system uses five six-sided dice to randomly select words from a wordlist of 7,776 words. 7,776 is the number of sides on one die raised to the number of dice rolled together (6^5 = 7,776). This way, every roll of the five dice randomly selects a word from the list. Read more about Diceware here.

The EFF has created a set of Diceware lists that are easier to use. For this activity, use the EFF’s “long” improved-usability list, which also has 7,776 words, but which are easier to type and remember.

Questions

  1. Using dice, create two five-word Diceware passphrases. What passphrases did you create?

  2. What is the amount of entropy in bits for your five-word Diceware passphrases? How many possible passwords does that represent? Show your work.

    Note: Each Diceware word is worth an additional 12.9 bits of entropy. This is because 2^12.9 ≈ 7776, the length of the Diceware word list.

  3. On average, how long in hours would it take to guess a five-word Diceware passphrase if you could try 1 billion passwords a second? How many years? Show your work.

    Note: Because the passphrase is chosen uniformly at random, an exhaustive search finds it, on average, after trying half of all possible passphrases.

  4. An Amazon EC2 p3.16xlarge high-performance computer can try 76,920 master passwords a second for the 1Password password manager.[1] About how many of these computers would you need to rent in order to try 1 billion 1Password master passwords a second?

  5. One Amazon EC2 p3.16xlarge computer costs $24.48 an hour to rent as of February 2019. Guessing at the rate of 1 billion passwords a second, on average how much would it cost you to rent enough of these computers to crack a 1Password master password that uses a five-word Diceware passphrase?[2]

    In other words:

    (# of hours from answer to Question 2) * (# computers from answer to Question 4) * $24.48 an hour = Total cost in $

  6. What does Diceware have to do with Kerckhoff’s principle and Shannon’s maxim?

  7. How usable/memorable do you think Diceware passphrases are?
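The arithmetic behind Questions 2 through 5, as an added Python example that is not part of the original activity. The constants are taken from the questions and footnote 1; the dice-to-index helper assumes the wordlist is stored in dice-roll order (11111 first, 66666 last), which is how the Diceware and EFF lists are laid out.

```python
import math

WORDLIST_SIZE = 6 ** 5            # 7,776 words: five six-sided dice pick one word
WORDS = 5                         # five-word passphrase
GUESSES_PER_SECOND = 1e9          # attacker rate assumed in Question 3
P3_GUESSES_PER_SECOND = 76_920    # 1Password guesses/s per p3.16xlarge (footnote 1)
P3_USD_PER_HOUR = 24.48           # rental price as of February 2019 (Question 5)


def dice_to_index(rolls):
    """Turn five rolls (each 1-6) into a 0-based index into a wordlist kept
    in dice order.  Assumption: the list is ordered 11111 ... 66666."""
    if len(rolls) != 5 or any(r not in range(1, 7) for r in rolls):
        raise ValueError("need exactly five rolls in the range 1-6")
    index = 0
    for r in rolls:
        index = index * 6 + (r - 1)   # read the rolls as a base-6 number
    return index


def entropy_bits(words=WORDS, list_size=WORDLIST_SIZE):
    """Question 2: each uniformly chosen word adds log2(list_size) bits."""
    return words * math.log2(list_size)


def keyspace(words=WORDS, list_size=WORDLIST_SIZE):
    """Question 2: number of distinct passphrases (exact integer)."""
    return list_size ** words


def average_hours_to_crack(words=WORDS, rate=GUESSES_PER_SECOND):
    """Question 3: an exhaustive search succeeds, on average, halfway through."""
    return keyspace(words) / 2 / rate / 3600


def average_years_to_crack(words=WORDS, rate=GUESSES_PER_SECOND):
    return average_hours_to_crack(words, rate) / (24 * 365.25)


def machines_needed(target_rate=GUESSES_PER_SECOND, per_machine=P3_GUESSES_PER_SECOND):
    """Question 4: round up, since a fraction of a machine cannot be rented."""
    return math.ceil(target_rate / per_machine)


def average_cost_usd(words=WORDS, rate=GUESSES_PER_SECOND):
    """Question 5: average hours * machines needed * hourly price."""
    return average_hours_to_crack(words, rate) * machines_needed(rate) * P3_USD_PER_HOUR


if __name__ == "__main__":
    print(f"entropy {entropy_bits():.1f} bits, keyspace {keyspace():,}")
    print(f"average {average_hours_to_crack():,.0f} h = {average_years_to_crack():,.1f} years")
    print(f"machines {machines_needed():,}, cost ${average_cost_usd():,.0f}")
```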

Footnotes

  1. Iraklis Mathiopoulos' p3.16xlarge Hashcat benchmarks showed that it can guess 192.3 thousand 1Password master passwords a second at 40,000 iterations (hash mode 8200). However, 1Password now uses a slow hashing algorithm (PBKDF2-HMAC-SHA256) to hash the master password with 100,000 iterations, or about 2.5 times slower than the Hashcat benchmark. 192,300 / 2.5 = 76,920.

  2. This question is inspired by Micah Lee's calculations here