TL;DR
A dictionary attack can crack a Diceware passphrase only when the passphrase is short (roughly four words or fewer, about 52 bits) and the attacker can test guesses quickly, e.g. against an unsalted fast hash such as SHA-256. The attacker has to try combinations of words, not single words, so the work grows as 7776^n for n words: six words from the full list (about 77.5 bits) is already beyond realistic hardware, and eight or more (103+ bits) is beyond any attacker.
What is a Dictionary Attack?
A dictionary attack tries every entry in a list (the ‘dictionary’) and checks whether it matches the password or passphrase, usually by hashing the candidate and comparing it with a stolen hash. Against a single common word it is fast. Against a multi-word passphrase the attacker must combine list entries (a ‘combinator’ attack), so the number of guesses is the list size raised to the number of words, and it only stays practical when the passphrase is short.
What is Diceware?
Diceware generates random passphrases by rolling a die five times per word and using the five digits (11111 to 66666, i.e. 6^5 = 7776 combinations) to look up a word in a fixed wordlist. Each word adds log2(7776) ≈ 12.9 bits of entropy, so more words means a stronger passphrase. The strength comes entirely from the number of words and the size of the list; the wordlist itself is public and the attacker is assumed to know it.
Can a Dictionary Attack Crack a Diceware Passphrase?
Yes, in principle: the wordlist is public, so the only unknowns are which words were rolled and how many. Whether the attack is practical depends on the number of words, whether the full list was used, and how fast each guess can be checked (a fast unsalted hash versus a slow, salted KDF such as Argon2).
How to Test if a Diceware Phrase is Vulnerable
- Understand Your Wordlist: The standard Diceware wordlist contains 7776 words (6^5). An attacker who knows the list (the original Diceware list and the EFF long wordlist are both published) only has to guess which words and how many; a smaller custom list shrinks the search further.
- Generate the Passphrase (Example): Suppose you generated a 4-word passphrase from the standard list, separated by spaces. That is 7776^4 ≈ 3.7 × 10^15 candidates, about 51.7 bits.
- Create a Dictionary File: You need a text file containing each word from the Diceware wordlist, one word per line, exactly as the words appear in the list (case and spelling matter, since the hash of ‘Tide’ differs from that of ‘tide’).
- Hash the Passphrase Locally: Never paste a real passphrase into an online hashing website; that hands the secret to a third party. Hash it locally with the same algorithm the verifier you are modelling uses. For SHA-256:
printf '%s' 'word1 word2 word3 word4' | sha256sum | cut -d' ' -f1 > hash.txt
(printf rather than echo, so no trailing newline is hashed.)
- Use a Cracking Tool (Example with John the Ripper): John the Ripper is a popular password cracker. A plain wordlist run
john --format=raw-sha256 --wordlist=diceware_words.txt hash.txt
tries each word on its own and can therefore only ever recover a one-word passphrase. To attack n words you must generate every n-word combination, with the same separator the passphrase uses, and feed the candidates in on standard input (john --stdin --format=raw-sha256 hash.txt). hashcat’s combinator mode (-a 1, with -m 1400 for SHA-256) does the two-word case directly, and combinator3 from hashcat-utils the three-word case; beyond that you generate candidates yourself.
- Check the Results: john --show hash.txt lists anything recovered. If a candidate hashes to the same value, the phrase is cracked. Note how many candidates had to be tried: that count divided by your hash rate is the time the attack costs, and it multiplies by 7776 for every extra word.
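The steps above in runnable form, as an added example written for this page rather than code from Diceware, John the Ripper or hashcat: it maps dice rolls to wordlist indices the Diceware way, and runs a word-level combinator attack against an unsalted SHA-256 hash. The 36-word list (two dice per word) and the target passphrase ‘tide-knot’ are constructed so the example runs offline; the real list has 7776 words and five dice per word, and the same functions handle that size.

```python
"""Combinator dictionary attack on a Diceware-style passphrase (illustration
code for this page, not from any cracking tool).  Wordlist and target below
are constructed; the attacker is assumed to know both list and separator."""
import hashlib
import itertools
import secrets

# Constructed 36-word list (6**2, so two dice select a word).  The standard
# Diceware list has 7776 = 6**5 words and needs five rolls; the mapping is generic.
WORDLIST = [
    "acid", "barn", "cake", "dusk", "echo", "fern", "gale", "hawk", "iris",
    "jade", "kelp", "lamp", "mint", "nest", "oath", "palm", "quiz", "reef",
    "sage", "tide", "urn", "vale", "wasp", "yarn", "zinc", "bolt", "cove",
    "drum", "elm", "flax", "gust", "hive", "inky", "jolt", "knot", "lute",
]
assert len(WORDLIST) == 36


def rolls_to_index(rolls):
    """Convert die rolls (each 1..6, first roll most significant) to a wordlist
    index.  The Diceware key '11111'..'66666' is simply a base-6 number."""
    index = 0
    for r in rolls:
        if not 1 <= r <= 6:
            raise ValueError("die roll must be 1..6")
        index = index * 6 + (r - 1)
    return index


def diceware_phrase(n_words, wordlist=WORDLIST, sep=" "):
    """Generate an n-word passphrase the Diceware way, a CSPRNG standing in for
    physical dice.  Rolls per word is log6(len(wordlist))."""
    rolls_per_word, size = 0, 1
    while size < len(wordlist):
        size *= 6
        rolls_per_word += 1
    if size != len(wordlist):
        raise ValueError("wordlist length must be a power of 6")
    words = []
    for _ in range(n_words):
        rolls = [secrets.randbelow(6) + 1 for _ in range(rolls_per_word)]
        words.append(wordlist[rolls_to_index(rolls)])
    return sep.join(words)


def sha256_hex(text):
    """Unsalted SHA-256: the fast-hash worst case the page discusses."""
    return hashlib.sha256(text.encode()).hexdigest()


def combinator_crack(target_hex, wordlist, max_words, sep=" "):
    """Try every 1..max_words combination of list entries, in order of length.
    max_words=1 is what a plain --wordlist run does; hashcat -a 1 is max_words=2.
    Returns (passphrase, guesses) or (None, guesses)."""
    guesses = 0
    for n in range(1, max_words + 1):
        for combo in itertools.product(wordlist, repeat=n):
            guesses += 1
            candidate = sep.join(combo)
            if sha256_hex(candidate) == target_hex:
                return candidate, guesses
    return None, guesses


# Constructed target: a 2-word passphrase from the list above, hyphen-separated.
TARGET = sha256_hex("tide-knot")

if __name__ == "__main__":
    found, tried = combinator_crack(TARGET, WORDLIST, max_words=1, sep="-")
    print("single-word run:", found, "after", tried, "guesses")
    found, tried = combinator_crack(TARGET, WORDLIST, max_words=2, sep="-")
    print("combinator run:", found, "after", tried, "guesses")
    print("fresh 4-word phrase from this list:", diceware_phrase(4))
```

The single-word run exhausts all 36 entries and fails, which is exactly why a bare john --wordlist run is the wrong test; the two-word run succeeds after at most 36 + 36^2 guesses. Swap in the 7776-word list and the two-word search becomes 7776^2 ≈ 6 × 10^7 hashes (seconds on a GPU), while each further word multiplies that by 7776.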
Steps to Protect Your Diceware Passphrase
- Increase Phrase Length: This is the only defense that changes the attacker’s cost, and each added word multiplies it by 7776 (about 12.9 bits). A 6-word passphrase is 7776^2 ≈ 60 million times more work than a 4-word one. Aim for at least 6 words; 8 or more puts the passphrase beyond any foreseeable attacker.
- Use the Full Wordlist: Avoid custom wordlists smaller than the standard 7776-word list, and pick the words with dice (or a cryptographic random generator), never by hand. Hand-picked words are not uniform, and the entropy figures above no longer apply.
- Add Separators/Symbols: Separators such as hyphens (-) or underscores (_) are not part of standard Diceware. A fixed separator the attacker can guess adds no entropy; it only changes the exact string the attacker must produce (a hashcat rule such as -j '$-' or a line in a generator script handles it). Use separators for readability and to avoid word-boundary ambiguity, e.g.:
word1-word2-word3
Only separators chosen at random per gap add entropy, and then you must remember them too.
- Salt Your Hash: If you are the party storing passphrase hashes, use a unique salt per entry. Salting defeats precomputed (rainbow) tables and forces the attacker to crack each hash separately. This protects the stored verifier; it does not make a short passphrase longer.
- Store It Behind a Slow Hash: PBKDF2, bcrypt, scrypt and Argon2 are not alternatives to Diceware; they hash passphrases rather than generate them. They are what the service storing your passphrase should use: a deliberately slow KDF cuts an attacker’s guess rate from billions per second to thousands, which turns the 4-word case from days into millennia. Since you rarely control how a service stores your passphrase, length remains the defense you own.
Passphrase Length and Cracking Time (Rough Estimates)
The figures below assume the full 7776-word list and an attacker testing 10^10 guesses per second, a rough order of magnitude for an unsalted fast hash such as SHA-256 on GPU hardware; a slow KDF such as Argon2 cuts that rate by a factor of a million or more. Times are for exhausting the keyspace; on average the phrase is found about halfway through.
- 4 Words: 7776^4 ≈ 3.7 × 10^15 candidates (≈ 52 bits). About 4 days to exhaust, about 2 days on average. Vulnerable against a fast hash, but safe behind a slow KDF.
- 5 Words: 7776^5 ≈ 2.8 × 10^19 (≈ 65 bits). About 90 years at the same rate; out of reach of casual attackers, within reach of a very large rig over a long campaign.
- 6 Words: 7776^6 ≈ 2.2 × 10^23 (≈ 77.5 bits). Roughly 700,000 years. This is the usual recommendation for everyday use.
- 8 Words: 7776^8 ≈ 1.3 × 10^31 (≈ 103 bits). On the order of 10^13 years; beyond any attacker regardless of hash speed.
- 12+ Words: ≈ 155 bits or more, comparable to a symmetric key. Passphrase length is no longer the weakest link.
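The arithmetic behind those estimates, as an added example written for this page (not from Diceware or any cracking tool). The two guess rates are assumptions for illustration; replace them with your own hashcat benchmark for the hash in question.

```python
"""Work-factor estimates for Diceware passphrases (illustration code for this
page).  Guess rates below are assumed, not measured."""
import math

LIST_SIZE = 7776                       # standard Diceware list, 6**5
SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Assumed attacker guess rates (illustrative; benchmark your own hash):
RATES = {
    "fast unsalted hash, GPU rig": 1e10,
    "slow KDF (e.g. Argon2/bcrypt)": 1e4,
}


def entropy_bits(n_words, list_size=LIST_SIZE):
    """Entropy of n words drawn uniformly (by dice) from a list."""
    return n_words * math.log2(list_size)


def keyspace(n_words, list_size=LIST_SIZE):
    """Number of distinct n-word passphrases the attacker must consider."""
    return list_size ** n_words


def seconds_to_exhaust(n_words, guesses_per_second, list_size=LIST_SIZE):
    """Worst case: the whole keyspace.  Expected time is half of this."""
    return keyspace(n_words, list_size) / guesses_per_second


def words_needed(target_bits, list_size=LIST_SIZE):
    """Smallest word count that reaches target_bits (e.g. 128 bits -> 10 words)."""
    return math.ceil(target_bits / math.log2(list_size))


def human(seconds):
    """Coarse duration formatting for the table."""
    if seconds < 60:
        return f"{seconds:.0f} s"
    if seconds < 3600:
        return f"{seconds / 60:.0f} min"
    if seconds < 86400:
        return f"{seconds / 3600:.1f} h"
    if seconds < SECONDS_PER_YEAR:
        return f"{seconds / 86400:.1f} days"
    return f"{seconds / SECONDS_PER_YEAR:.3g} years"


def table(word_counts=(4, 5, 6, 7, 8, 12), rates=RATES, list_size=LIST_SIZE):
    """One row per word count: bits plus worst-case time at each guess rate."""
    rows = []
    for n in word_counts:
        row = {"words": n, "bits": round(entropy_bits(n, list_size), 1)}
        for name, rate in rates.items():
            row[name] = human(seconds_to_exhaust(n, rate, list_size))
        rows.append(row)
    return rows


if __name__ == "__main__":
    for row in table():
        print(row)
    # A smaller custom list shrinks every row: 1296 words (four dice) at 6
    # words gives the same bits as about 4.6 words from the full list.
    print("6 words from a 1296-word list:", round(entropy_bits(6, 1296), 1), "bits")
```

Reading the table: 4 words at 10^10 guesses per second is a few days, not seconds; 6 words is hundreds of thousands of years; and behind a slow KDF even 4 words takes millennia. The words_needed helper answers the design question directly, e.g. 10 words for a 128-bit target.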

