Tree [122c0b] master /
History



File Date Author Commit
cmake_support 2013-02-10 Guy Rutenberg Guy Rutenberg [9451de] Improve PortAudio detection.
.gitignore 2012-07-09 Guy Rutenberg Guy Rutenberg [071a1b] Added .gitignore file.
CMakeLists.txt 2013-03-09 Guy Rutenberg Guy Rutenberg [40a984] Add `spass-qt` to the binary package.
COPYING 2012-06-08 Guy Rutenberg Guy Rutenberg [92a324] Intial commit
README.rst 2013-02-28 Guy Rutenberg Guy Rutenberg [ecf013] Update version string to reflect version bump.
audio_random.cpp 2012-06-29 Guy Rutenberg Guy Rutenberg [f19ffd] Add ALSA backend.
audio_random.h 2012-06-09 Guy Rutenberg Guy Rutenberg [e44adc] Refactor code to allow other backends apart fro...
audio_random_alsa.cpp 2012-06-29 Guy Rutenberg Guy Rutenberg [f19ffd] Add ALSA backend.
audio_random_alsa.h 2013-02-09 Guy Rutenberg Guy Rutenberg [c8a77d] Add proper copyright notices to new files.
audio_random_oss.cpp 2012-06-09 Guy Rutenberg Guy Rutenberg [20b01f] Add OSS backend.
audio_random_oss.h 2012-06-09 Guy Rutenberg Guy Rutenberg [20b01f] Add OSS backend.
audio_random_portaudio.cpp 2012-07-09 Guy Rutenberg Guy Rutenberg [af9c5a] Open stream once for PortAudio backend.
audio_random_portaudio.h 2013-02-10 Guy Rutenberg Guy Rutenberg [9451de] Improve PortAudio detection.
config.h.cmake 2013-02-09 Guy Rutenberg Guy Rutenberg [816f2e] Refactor the audio backend selection.
diceware8k.c 2012-06-09 Guy Rutenberg Guy Rutenberg [4d3576] Add option to generate passphrases.
main.cpp 2013-02-28 Guy Rutenberg Guy Rutenberg [ecf013] Update version string to reflect version bump.
main_qt.cpp 2013-01-31 Guy Rutenberg Guy Rutenberg [371564] Initial work on QT frontend.
mainwindow.cpp 2013-02-28 Guy Rutenberg Guy Rutenberg [ecf013] Update version string to reflect version bump.
mainwindow.h 2013-02-09 Guy Rutenberg Guy Rutenberg [c8a77d] Add proper copyright notices to new files.
mainwindow.ui 2013-03-09 Guy Rutenberg Guy Rutenberg [122c0b] Remove unused menu bar, toolbar and status bar ...
md5.c 2013-02-12 Guy Rutenberg Guy Rutenberg [3e6b43] Make the code compile under MSVC 2012.
md5.h 2012-06-08 Guy Rutenberg Guy Rutenberg [92a324] Intial commit
spass_utils.cpp 2013-02-09 Guy Rutenberg Guy Rutenberg [c8a77d] Add proper copyright notices to new files.
spass_utils.h 2013-02-12 Guy Rutenberg Guy Rutenberg [3e6b43] Make the code compile under MSVC 2012.

Read Me

Readme - spass

Secure password/passphrase generator.

Authors

Usage

By default spass will generate passwords. You can control the length using the -l modifier. Examples:

$ spass
mqGP0GEZ
$ ./spass -l 10
@-9Me6VNnT

If you pass the -p modifier, spass will output a passphrase instead of a password:

$ ./spass -p -l 4
pecan suey faith signor

For more options see spass --help.

Installation

Dependencies

  • CMake-2.8
  • PortAudio

Linux

Just run:

mkdir build
cd build
cmake ..
make
sudo make install

Or use one of the provided binary packages.

Windows

Compiling Boost and PortAudio from source is easy. PortAudio uses CMake (just generate and compile), and compiling boost is a matter of: bootstrap and .\b2.

If you use Visual Studio Express 2012, you may need to set the Boost_COMPILER variable in CMake to -vc110, else it won't be detected properly.

In order to select the right Qt installation, set QT_QMAKE_EXECUTABLE to point to the correct path to qmake.exe. CMake will use it to infer the rest of the paths.

Due to a bug in CMake (actually a regression) setting the SubSystem doesn't work as it should. It should be set manually in the Project Properties->Linker->System to "Windows" (at least for release).

Configuration

cmake can receive the following options:

WITH_PORTAUDIO          use PortAudio as the audio backend instead of ALSA
                        [default=OFF]
WITH_OSS                use Open Sound System (OSS) as the audio backend
                        instead of ALSA [default=OFF]
WITH_ALSA               use Advanced Linux Sound Architecture (ALSA) as the
                        audio backend [default=ON]

The options are exclusive, e.g. only one of them can be used each time. If no option is provided, the ALSA is used.

Security

The security of a password generator like spass, is determined by the quality of its underlying random number generator. spass employs a true random number generator based on noise obtained via the microphone. The noise goes through an unbiasing phase and then every 512 bits are compressed into 128 bits using a hash function. After those two phases the output bits should have full entropy.

See also Audio Based True Random Number Generator POC.

The words for the passphrases are taken from a list containing 8192 words. Hence, each word provides 13 bits of entropy.

Caveats

The current implementation can't open the audio device for capture in an exclusive mode (due to ALSA limitation). This means that theoratically, if you use spass on a system with a malicious user, he could record the same noise you're using and guess the output of spass. This means that you've to be in full control of the system your using spass on. While this may seem problematic, in practice it's a requirement for every other cryptography related application as well.