moac: git.sr.ht/~seirdy/moac/v2 Index | Files | Directories

package moac

import "git.sr.ht/~seirdy/moac/v2"

Package moac provides the utilities to calculate password strength given physical constraints.

Index

Package Files

doc.go givens.go

Constants

const (
    // C is the speed of light in a vacuum, m/s.
    C   = 299792458
    // G is the gravitation constant, m^3/kg/s^2.
    G   = 6.67408e-11
    // Hubble is Hubble's Constant, hertz.
    Hubble = 2.2e-18
    // UTemp is a low estimate for the temperature of cosmic background radiation, kelvin.
    UTemp = 2.7
    // Boltzmann is Boltzmann's constant, J/K.
    Boltzmann = 1.3806503e-23
    // Planck is Planck's Constant, J*s.
    Planck = 6.62607015e-35

    // UMass is the mass of the observable universe.
    UMass = C * C * C / (2 * G * Hubble)
    // Bremermann is Bremermann's limit.
    Bremermann = C * C / Planck

    // DefaultEntropy is the number of bits of entropy to target if no target entropy is provided.
    DefaultEntropy = 256
)

Variables

var (
    ErrMissingValue = errors.New("not enough given values")
    ErrMissingEMT   = fmt.Errorf("%w: missing energy, mass, and/or time", ErrMissingValue)
    ErrMissingPE    = fmt.Errorf("%w: missing password and/or entropy", ErrMissingValue)
)

Errors for missing physical values that are required to compute desired values.

type Givens

type Givens struct {
    Password         string
    Entropy          float64
    Energy           float64
    Mass             float64 // mass used to build a computer or convert to energy
    Time             float64 // Duration of the attack, in seconds.
    Temperature      float64 // Duration of the attack, in seconds.
    EnergyPerGuess   float64
    Power            float64
    GuessesPerSecond float64
}

Givens holds the "given" values used to compute password strength. These values are all physical quantities, measured using standard SI units.

func (*Givens) BruteForceability

func (givens *Givens) BruteForceability() (float64, error)

BruteForceability computes the liklihood that a password will be brute-forced given the contstraints in givens. if 0 < BruteForceability <= 1, it represents the probability that the password can be brute-forced. if BruteForceability > 1, it represents the number of times a password can be brute-forced with certainty.

func (*Givens) BruteForceabilityQuantum

func (givens *Givens) BruteForceabilityQuantum() (float64, error)

BruteForceabilityQuantum is equivalent to BruteForceability, but accounts for quantum computers that use Grover's Algorithm.

func (*Givens) MinEntropy

func (givens *Givens) MinEntropy() (entropyNeeded float64, err error)

MinEntropy calculates the maximum password entropy that the MOAC can certainly brute-force. Passwords need an entropy greater than this to have a chance of not being guessed.

func (*Givens) MinEntropyQuantum

func (givens *Givens) MinEntropyQuantum() (entropyNeeded float64, err error)

MinEntropyQuantum is equivalent to MinEntropy, but accounts for quantum computers that use Grover's Algorithm.

func (*Givens) Populate

func (givens *Givens) Populate() error

Populate will solve for entropy, guesses per second, and energy if they aren't given. If they are given, it updates them if the computed value is a greater bottleneck than the given value.

Directories

PathSynopsis
charsetsPackage charsets contains types, functions, and defaults for charsets used in passwords.
cmd
cmd/moac
cmd/moac-pwgen
entropyPackage entropy provides a means to compute entropy of a given random string by analyzing both the charsets used and its length.
internal
pwgenPackage pwgen allows generating random passwords given charsets, length limits, and target entropy.

Package moac imports 6 packages (graph).

Version v2.0.2 (latest) | Published Oct 5, 2021 | Platform: linux/amd64 | Updated 1 day ago

.
Tools for package owners.