For this activity, you will calculate the strength of a five-word Diceware passphrase in terms of the time and money required to crack it.
The Diceware system uses five six-sided dice to randomly select words from a wordlist of 7,776 words. 7,776 equals the number of sides on one dice, raised to the number of dice rolled together (65 = 7,776). This way, every roll of the five dice randomly selects a word from the list. Read more about Diceware here.
The EFF has created a set of Diceware lists that are easier to use. For this activity, use the EFF’s “long” improved-usability list, which also has 7,776 words, but which are easier to type and remember.
Using dice, create two five-word Diceware passphrases. What passphrases did you create?
What is the amount of entropy in bits for your five-word Diceware passphrases? How many possible passwords does that represent? Show your work.
Note: Each Diceware word is worth an additional
12.9bits of entropy. This is because 2
12.9≈ 7776, the length of the Diceware word list.
On average, how long in hours would it take to guess a five-word Diceware passphrase if you could try 1 billion passwords a second? How many years? Show your work.
Note: The average of a uniform distribution is half the numbers in a set.
An Amazon EC2 p3.16xlarge high-performance computer can try 76,920 master passwords a second for the 1Password password manager.1 About how many of these computers would you need to rent in order to try 1 billion 1Password master passwords a second?
One Amazon EC2 p3.16xlarge computer costs $24.48 an hour to rent as of February 2019. Guessing at the rate of 1 billion passwords a second, on average how much would it cost you to rent enough of these computers to crack a 1Password master password that uses a five-word Diceware passphrase?2
In other words:
(# of hours from answer to Question 2) * (# computers from answer to Question 4) * $24.48 an hour = Total cost in $
What does Diceware have to do with Kerckhoff’s principle and Shannon’s maxim?
How usable/memorable do you think Diceware passphrases are?
Iraklis Mathiopoulos’ p3.16xlarge Hashcat benchmarks showed that it can guess 192.3 thousand 1Password master passwords a second at 40,000 iterations (hash mode 8200). However, 1Password now uses a slow hashing algorithm (PBKDF2-HMAC-SHA256) to hash the master password with 100,000 iterations, or about 2.5 slower than the Hashcat benchmark. 192,300 / 2.5 = 76,920. ↩