|
|
|
|
|
|
by andrewflnr
599 days ago
|
|
|
By "target system" you mean "system from which the password originated", right? But unless you think true randomness is impossible, and also that all possible sources of pseudo-random input on Earth come from terrestrial sources and not, say, incoming cosmic radiation, then knowing the size of the "Earth" system is no constraint at all. A heuristic for focusing your search, maybe, if you think the password is likely to be something easily memorable for a human, but that's nothing to do with the size of the system, just commonly-transmitted information there. The phrase "stored on Earth" is a red herring. You don't need to store all possible passwords for those passwords to be possible to generate here. And really, a consequence of the article is that if enumerating even a couple hundred bits is prohibitive, then enumerating all possible information that could be generated by and stored in an earth-size system, as you seem to be suggesting, is no better. |
|
|
Yeah that’s correct.
> The phrase "stored on Earth" is a red herring. You don't need to store all possible passwords for those passwords to be possible to generate here.
A password used to protect a system must be persistently stored inside that system.
The number of passwords that can be generated on earth is greater than the number that can be persistently stored on earth.
For example, an iPhone must locally store a user’s unlock PIN code. However, it could theoretically generate a 20TB password for an external site in chunks without ever storing the full password locally.
Energy is a binding for password generation; but size is a constraint for password storage, which likely kicks in a lot earlier.