by spacebanana7 599 days ago
I suspect this can be bypassed with knowledge about the size of the target system.

Intuitively, there are a finite number of passwords that can be stored on earth, so a large enough system should be able to enumerate them? Whilst also existing in the observable universe.

3 comments

By "target system" you mean "system from which the password originated", right? But unless you think true randomness is impossible, and also that all possible sources of pseudo-random input on Earth come from terrestrial sources and not, say, incoming cosmic radiation, then knowing the size of the "Earth" system is no constraint at all. A heuristic for focusing your search, maybe, if you think the password is likely to be something easily memorable for a human, but that's nothing to do with the size of the system, just commonly-transmitted information there.

The phrase "stored on Earth" is a red herring. You don't need to store all possible passwords for those passwords to be possible to generate here. And really, a consequence of the article is that if enumerating even a couple hundred bits is prohibitive, then enumerating all possible information that could be generated by and stored in an earth-size system, as you seem to be suggesting, is no better.

> By "target system" you mean "system from which the password originated", right?

Yeah that’s correct.

> The phrase "stored on Earth" is a red herring. You don't need to store all possible passwords for those passwords to be possible to generate here.

A password used to protect a system must be persistently stored inside that system.

The number of passwords that can be generated on earth is greater than the number that can be persistently stored on earth.

For example, an iPhone must locally store a user’s unlock PIN code. However, it could theoretically generate a 20TB password for an external site in chunks without ever storing the full password locally.

Energy is a binding for password generation; but size is a constraint for password storage, which likely kicks in a lot earlier.

The password being persistently stored is not really a requirement here. That depends on the cryptosystem involved, among other things. What if I encrypt a ciphertext and throw away/forget the key?

Anyway, the constraint you're proposing here is, only passwords that can be encoded in all possible configurations of matter making up the earth? And you do have to contend with all possible configurations, if all you know is the size of the system, or even the mass and composition. As tedunangst put it, that's a lot of bits. I think we'll hit the 300-400 bit computational limit first.

> A password used to protect a system must be persistently stored inside that system.

No it isn't; any system which is even remotely decent will only store the (usually salted) hash of passwords used on it.

You're still essentially bound by having to consider all the passwords that could be generated. Let's say that passwords are limited to 2048 bits, but you can only store 2^128 passwords. The problem is that you don't know which 2^2048 passwords have been stored, so you have to go through them all anyway.

You only have to store a single 340-bit password (or something equivalent) in order to secure something with a 340-bit password. You can do this by, for example, writing down a 103-bit number on paper, which you can do on a business card with a pencil. Your argument seems to depend on the defender needing to store all possible 340-bit passwords, which they don't.

There are a lot of bits available on the earth.