This is ppgen 1.0, a portable, secure, public domain passphrase generator.


* INTRODUCTION

ppgen generates passphrases using strings of words, long enough to have
an arbitrary level of entropy.  It can use any dictionary and the best
available source of randomness, including PGP's cryptographic RNG if you
have version 2.6.2.  It is written in portable C, and it is fairly fast.

You can use ppgen to generate passphrases whenever you have a program that
accepts long passwords.  I use it for Kerberos and for local passwords
(I use the FreeBSD MD5-based crypt(3), not the standard limited Unix one),
and for my PGP keyring.

Because ppgen is so simple, it can also easily be used by passwd(1)
or adduser(1) programs to choose passwords for users.


* DICTIONARIES

I use a dictionary generated with:

    ispell -e < english.0 | tr ' ' '\n' | sort -u > en.dict

It includes only the more common words and has no American or British
spellings.  There are 47 155 words; they are multiple forms of the
16 467 bases in english.0, which should make the passphrases even
easier to remember, since all words should be familiar.

I use this dictionary on my system to generate four-word passphrases
with 62 bits of entropy.  It's available prebuilt from COAST.

You're free to install your own dictionaries, of course, and users can
even pick which dictionaries they want to put into the word pool when
choosing their passphrases.  ppgen will automatically shorten or lengthen
the passphrase as necessary to keep security constant.

The one caveat is that you should keep the dictionaries nonoverlapping,
or your security will be slightly weakened (to the extent that the
dictionaries overlap) because the words that appear in two dictionaries
will be twice as likely to be chosen.  A little overlap doesn't hurt much,
but don't install variants of the same language; instead, use ppgen's
capability to merge them at runtime.  For example, instead of having a
dictionary for American English and one for British English, use the base
`en' dictionary, then add *supplemental* `en.us' and `en.uk' files.
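As an added illustration (not part of ppgen or this README), the following Python computes how many words a pool needs for a target entropy, and how overlapping dictionaries lower the entropy of each word drawn; the word lists are constructed toys standing in for `en' and `en.us', not en.dict.

```python
import math
import secrets
from collections import Counter

def words_needed(pool_size, target_bits):
    """Words to draw, uniformly and independently from pool_size distinct words,
    to reach target_bits of entropy: each word contributes log2(pool_size) bits.
    This is the adjustment the README describes for keeping security constant."""
    if pool_size < 2:
        raise ValueError("pool must contain at least two words")
    return math.ceil(target_bits / math.log2(pool_size))

def pool_entropy_per_word(dictionaries):
    """Shannon entropy, in bits, of one draw from the concatenation of the given
    word lists.  A word present in two lists has twice the probability of being
    drawn, which is the weakening the README attributes to overlapping files."""
    counts = Counter(w for d in dictionaries for w in d)
    total = sum(counts.values())
    return -sum(c / total * math.log2(c / total) for c in counts.values())

def generate(dictionaries, target_bits, rng=secrets):
    """Draw a passphrase from the merged pool.  Unlike the README's description
    of ppgen, the pool is deduplicated first (the runtime analogue of sort -u),
    so accidental overlap cannot bias the choice; rng must provide choice()."""
    pool = sorted(set(w for d in dictionaries for w in d))
    n = words_needed(len(pool), target_bits)
    return " ".join(rng.choice(pool) for _ in range(n))

# Constructed toy word lists (assumption: eight words each, standing in for the
# README's base `en' dictionary and a supplemental `en.us' file).
EN = ["colour", "favour", "theatre", "centre", "grey", "kerb", "tyre", "cheque"]
EN_US = ["color", "favor", "theater", "center", "gray", "curb", "tire", "check"]

if __name__ == "__main__":
    # en.dict from the README: 47 155 words and 62 bits give four words
    print(words_needed(47155, 62))
    print(pool_entropy_per_word([EN, EN_US]))   # disjoint: log2(16) = 4 bits
    print(pool_entropy_per_word([EN, EN]))      # full overlap: only 3 bits
    print(generate([EN, EN_US], 12))
```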

I recommend you name dictionaries with ISO/IANA language and country
codes, in the usual way.  You might also use capital letters for unusual
special dictionaries, such as a Tolkien word list.  It never hurts to
throw some local color into the passphrases.

Finally, remember that you are not building a Crack dictionary or a
spelling checker dictionary.  The object is not to find a great many
words, or a great many variant spellings; the object is to choose
a relatively small set of words that the users will find memorable.
I like the ispell english.0 dictionary for this reason; it gets 47k
words from only 16k by including multiple forms, and only includes
undisputed spellings.


* AND FINALLY

ppgen is public domain; I place no restrictions on what you may do
with it.  You can modify it, sell it, or print it out and fold it into
a hat.  If you derive something from it, I'd appreciate credit if it's
not too inconvenient.

I DISCLAIM ALL WARRANTIES, ALL OF THEM.

New versions of ppgen will appear at
<URL:ftp://coast.cs.purdue.edu/pub/tools/unix/>, and will be announced in
comp.security.misc.

Comments, compliments, complaints, enhancements, portability patches,
&c. should be sent to shields@tembel.org.  Unidiffs and PGP preferred.

                                                --Michael Shields, 1995-08-29
