Not sure if this is a bug or just a misunderstanding from my end on how prince derives permutations, but I've been using the --keyspace operator to determine permutation counts for various passphrase sizes (e.g. four-word passphrases versus five-word passphrases) and have run into an issue where the calculated keyspace for five-word passphrases is significantly lower than for four-word passphrases, and this feels like it should not be correct. Here's the wordlist I'm using: https://github.com/freedomofpress/securedrop/blob/develop/securedrop/wordlists/en.txt and here's the example commands and output:
roycewilliams
commented
1 year ago
Not sure if this is a bug or just a misunderstanding from my end on how prince derives permutations, but I've been using the
--keyspaceoperator to determine permutation counts for various passphrase sizes (e.g. four-word passphrases versus five-word passphrases) and have run into an issue where the calculated keyspace for five-word passphrases is significantly lower than for four-word passphrases, and this feels like it should not be correct. Here's the wordlist I'm using: https://github.com/freedomofpress/securedrop/blob/develop/securedrop/wordlists/en.txt and here's the example commands and output:Four-word passphrases
Five-word passphrases
I'm using Ubuntu 22.04.1 on a 64-bit Intel CPU, glibc version 2.35 in case that helps.