4 releases (1 stable)

1.0.0 Jan 21, 2022
0.6.0 Oct 11, 2021
0.5.0 Oct 11, 2021
0.4.0 Oct 10, 2021

#743 in Cryptography

MIT license

1MB
66K SLoC

niceware

Rust crates.io v0.6.0

My blog post: Porting Niceware to Rust


A Rust port of niceware. Sections of this README have been copied from the original project.

This library generates random-yet-memorable passwords. Each word provides 16 bits of entropy, so a useful password requires at least 3 words.

The transformation from bytes to passphrase is reversible.

Because the wordlist is of exactly size 2^16, niceware is also useful for convert cryptographic keys and other sequences of random bytes into human-readable phrases. With niceware, a 128-bit key is equivalent to an 8-word phrase.

Similar to the source, heed this warning:

WARNING: The wordlist has not been rigorously checked for offensive words. Use at your own risk.

Sample use cases

  • niceware can be used to generate secure, semi-memorable, easy-to-type passphrases. A random 3-5 word phrase in niceware is equivalent to a strong password for authentication to most online services. For instance, +8svofk0Y1o= and bacca cavort west volley are equally strong (64 bits of randomness).

  • niceware can be used to display cryptographic key material in a way that users can easily backup or copy between devices. For instance, the 128-bit random seed used to generate a 256-bit ECC key (~equivalent to a 3072-bit RSA key) is only 8 niceware words. With this 8-word phrase, you can reconstruct the entire public/private key pair.

Tests

cargo test

Credits

Rust port:

@Kixunil made some fantastic changes w/r/t idiomatic and performant Rust in #2.

Code, tests, and docs are either straight-up ported/copied from, or inspired by niceware.

Original:

Niceware was inspired by Diceware. Its wordlist is derived from the SIL English word list. This project is based on [diracdeltas] work on OpenPGP key backup for the Yahoo End-to-End project.

Dependencies