moac: Index | Files | Directories

package moac

import ""

Package moac provides the utilities to calculate password strength given physical constraints.


Package Files

doc.go givens.go


const (
    // C is the speed of light in a vacuum, m/s.
    C   = 299792458
    // G is the gravitation constant, m^3/kg/s^2.
    G   = 6.67408e-11
    // Hubble is Hubble's Constant, hertz.
    Hubble = 2.2e-18
    // UTemp is a low estimate for the temperature of cosmic background radiation, kelvin.
    UTemp = 2.7
    // Boltzmann is Boltzmann's constant, J/K.
    Boltzmann = 1.3806503e-23
    // Planck is Planck's Constant, J*s.
    Planck = 6.62607015e-35

    // UMass is the mass of the observable universe.
    UMass = C * C * C / (2 * G * Hubble)
    // Bremermann is Bremermann's limit.
    Bremermann = C * C / Planck

    // DefaultEntropy is the number of bits of entropy to target if no target entropy is provided.
    DefaultEntropy = 256


var (
    ErrMissingValue = errors.New("not enough given values")
    ErrMissingEMT   = fmt.Errorf("%w: missing energy, mass, and/or time", ErrMissingValue)
    ErrMissingPE    = fmt.Errorf("%w: missing password and/or entropy", ErrMissingValue)

Errors for missing physical values that are required to compute desired values.

type Givens

type Givens struct {
    Password         string
    Entropy          float64
    Energy           float64
    Mass             float64 // mass used to build a computer or convert to energy
    Time             float64 // Duration of the attack, in seconds.
    Temperature      float64 // Duration of the attack, in seconds.
    EnergyPerGuess   float64
    Power            float64
    GuessesPerSecond float64

Givens holds the "given" values used to compute password strength. These values are all physical quantities, measured using standard SI units.

func (*Givens) BruteForceability

func (givens *Givens) BruteForceability() (float64, error)

BruteForceability computes the liklihood that a password will be brute-forced given the contstraints in givens. if 0 < BruteForceability <= 1, it represents the probability that the password can be brute-forced. if BruteForceability > 1, it represents the number of times a password can be brute-forced with certainty.

func (*Givens) BruteForceabilityQuantum

func (givens *Givens) BruteForceabilityQuantum() (float64, error)

BruteForceabilityQuantum is equivalent to BruteForceability, but accounts for quantum computers that use Grover's Algorithm.

func (*Givens) MinEntropy

func (givens *Givens) MinEntropy() (entropyNeeded float64, err error)

MinEntropy calculates the maximum password entropy that the MOAC can certainly brute-force. Passwords need an entropy greater than this to have a chance of not being guessed.

func (*Givens) MinEntropyQuantum

func (givens *Givens) MinEntropyQuantum() (entropyNeeded float64, err error)

MinEntropyQuantum is equivalent to MinEntropy, but accounts for quantum computers that use Grover's Algorithm.

func (*Givens) Populate

func (givens *Givens) Populate() error

Populate will solve for entropy, guesses per second, and energy if they aren't given. If they are given, it updates them if the computed value is a greater bottleneck than the given value.


charsetsPackage charsets contains types, functions, and defaults for charsets used in passwords.
entropyPackage entropy provides a means to compute entropy of a given random string by analyzing both the charsets used and its length.
pwgenPackage pwgen allows generating random passwords given charsets, length limits, and target entropy.
v2.0.2 (latest)
Oct 5, 2021
6 packages (graph)
Last checked
2 weeks ago

Tools for package owners.