[MUD-Dev] Re: [DevMUD] Re: Database module

Jay Carlson nop at mitre.org
Tue Dec 22 10:03:02 CET 1998 

cynbe <cynbe at muq.org> wrote:

> (2) If you need to pass numbers through human channels, a possible
>     improvement on UUENCODE-ing style translation is:
>      (a) Pick a set of 1024 words (probably short, single-syllable words)
>      (b) bite off 10-bit chunks from your integer, and use each to select
>          a word from the set:  A 64-bit integer becomes seven words.
>     The result will be a number encoding with much more mnemonic value to
>     native speakers than the corresponding UUENCODE-ed version:  I'm sure
>     any of us can remember seven words easier than 16 random hex digits.

That's what S/Key (and its successor systems) do.  Quoting RFC 2289:

   The one-time password generated by the above procedure is 64 bits in
   length. Entering a 64 bit number is a difficult and error prone
   process. [...] The one-time password therefore
   MAY be converted to, and all servers MUST be capable of accepting it
   as, a sequence of six short (1 to 4 letter) easily typed words that
   only use characters from ISO-646 IVCS. Each word is chosen from a
   dictionary of 2048 words; at 11 bits per word, all one-time passwords
   may be encoded.

   The two extra bits in this encoding are used to store a checksum. [...]

The OTPs spit out look like TERN FANG DINT TOG WRY BAWL, which is certainly
better than the hex.

See the RFC (one copy at
ftp://coast.cs.purdue.edu/pub/tools/unix/skey/docs/rfc2289.txt  ) for the
actual dictionary.

>       (For extra credit:  Pick separate verb, noun and adjective sets of
>     1024 words, and arrange for your numbers to make grammatical
> sentences.
>     I'll bet this will increase the mnemonicity of the encoded numbers
>     significantly.)

If you can get enough information crammed in there.  I'm reminded of the
LambdaCore $wiz_utils:random_password function, which make random
consonant-vowel-consonant-vowel-etc strings of specified length.  There are
6 vowels and 17 consonants (c, f, and k removed to help avoid rude-sounding
random strings).  So, if you know a random password is from this generator
and is of length 6, there are only (6 * 17) ^ 3 possibilities....

Jay

More information about the mud-dev-archive mailing list