distill markov chain from EFF dynamically

Author: Aizen

cmd/genpw/README.md

@@ -24,7 +24,7 @@ This will install the `genpw` binary in your `$GOPATH/bin` directory.
 
 Once installed, you can generate passphrases by running `genpw` with the following options:
 
-```
+```bash
 Usage of genpw:
   -n uint
         number of passwords to generate (default 6)
@@ -49,15 +49,15 @@ genpw
 
 This will output something like:
 
-```
-Passphrase                    Log10(Guesses)    EntropyLog2
-
-Joilionel.scric.glicam        20.70              69.76
-Haneatri.unfolop.freskl       21.17              71.33
-Ricie.enrelerc.morsman        21.90              73.74
-Snuterov.possarb.sprive       22.93              77.18
-Hartiner.acycata.ovalnegis    23.35              78.57
-Grantdoti.irthed.imeatill     23.61              79.45
+```bash
+Passphrase                    Log10(Guesses)    Log2Entropy      Strength
+                                                                
+Candox.swortone.harvingl         23.37             78.64       [============]
+Kinywaya.preterpr.reefrate       24.31             81.76       [============]
+Ratererl.ruse.elikewa            20.44             68.92       [==========..]
+Relemalo.anli.systuri            20.77             70.01       [==========..]
+Unpori.grog.bodityi              18.05             60.97       [=========...]
+Uperti.ampilyon.extedes          22.23             74.86       [===========.]
 ```
 
 1. **Generate passphrases with custom pattern**:
@@ -68,14 +68,14 @@ genpw -p "WW20dds" -n 5
 
 The output might look like:
 
-```go
-Passphrase                Log10(Guesses)    EntropyLog2
-
-DofyonLivord2012@         15.26              51.70
-DinkedMankess2026^        16.09              54.43
-BlyestaHameloty2062=      18.02              60.87
-ShantlyzSectoo2098=       18.15              61.29
-AxoncingTwovernis2056*    19.12              64.52
+```bash
+Passphrase               Log10(Guesses)    Log2Entropy      Strength
+                                                           
+HandmarmOvera2053"          16.24             54.96       [========....]
+ResabledAnverbou2004+       19.22             64.85       [==========..]
+RocraryiRegonede2072!       19.96             67.29       [==========..]
+SagureraHassain2045-        19.70             66.45       [==========..]
+WoutbDemitte2019#           15.37             52.07       [========....]
 ```
 
 or
@@ -86,14 +86,14 @@ genpw -p "w.w.w.w" -n 5
 
 The output might look like:
 
-```go
-Passphrase                              Log10(Guesses)    EntropyLog2
-
-stritters.candis.frot.unliti            27.06              90.91
-treralryi.jangli.stathle.resche         29.22              98.08
-andetap.quis.cloashea.firetorki         29.75              99.83
-humperes.stacessfi.splan.gidinkl        30.55              102.50
-unctirter.arbeday.amersdowf.ovyarvis    33.60              112.62
+```bash
+Passphrase                               Log10(Guesses)    Log2Entropy      Strength
+                                                                           
+cleatabit.sphongedi.zedizmobl.drooky        32.40             108.62      [============]
+comprewa.cedivet.refyerm.unancling          31.19             104.61      [============]
+eitispayi.woblyoffo.unounde.pradimisf       35.27             118.18      [============]
+juiselid.partu.ovenes.slampos               28.32             95.08       [============]
+yaholl.boort.rentlestu.hustfierm            29.38             98.61       [============]
 ```
 
 ### Entropy Considerations

cryptipass.go

@@ -1,49 +1,104 @@
-// Package cryptipass v1.3.0 provides functionality for generating secure passphrases
-// composed of random words, with a focus on cryptographic security and entropy calculation.
+// Package cryptipass provides a passphrase generation and entropy calculation
+// system using wordlists and patterns. It is designed to ensure randomness
+// while offering flexibility in the structure of generated passwords.
 package cryptipass
 
 import (
 	cr "crypto/rand"
+	_ "embed"
 	"fmt"
 	"log"
 	"math"
 	"math/rand/v2"
 	"strings"
 )
 
-type Generator struct {
-	Rng *rand.Rand
+// Transition represents the probability distribution of rune sequences within
+// words. It stores the runes, their counts, the total occurrences, and the
+// entropy of the sequence.
+type Transition struct {
+	Runes   []rune
+	Counts  []int
+	Total   int
+	Entropy float64
 }
 
-// NewInstance initializes the cryptographically secure random number generator (RNG).
-// It reads 32 bytes of entropy from crypto/rand and uses them to seed a ChaCha8-based RNG.
-// If the required number of bytes is not read, it logs a fatal error.
-func NewInstance() *Generator {
+func distill(tokens []string) map[string]Transition {
+	transition_matrix := make(map[string]map[rune]int)
+	put := func(str string, r rune) {
+		if transition_matrix[str] == nil {
+			transition_matrix[str] = make(map[rune]int)
+		}
+		transition_matrix[str][r]++
+	}
+
+	for _, w := range tokens {
+		R := []rune(w)
+		put("lengths", rune(len(R)))
+		put("", R[0])
+		put(string(R[0]), R[1])
+		for i := 0; i < len(R)-2; i++ {
+			put(string(R[i])+string(R[i+1]), R[i+2])
+		}
+	}
+	dist_trans_matrix := make(map[string]Transition)
+	for k, rfreq := range transition_matrix {
+		C := 0
+		for _, freq := range rfreq {
+			C += freq
+		}
+		H := 0.0
+		tr := Transition{}
+		tr.Counts = make([]int, 0)
+
+		tr.Runes = make([]rune, 0)
+		cum := 0
+		for ru, freq := range rfreq {
+			p := float64(freq) / float64(C)
+			H -= math.Log2(p) * p
+			cum += freq
+			tr.Counts = append(tr.Counts, cum)
+			tr.Runes = append(tr.Runes, ru)
+		}
+		tr.Total = C
+		tr.Entropy = H
+		dist_trans_matrix[k] = tr
+	}
+	return dist_trans_matrix
+}
+
+type generator struct {
+	Rng       *rand.Rand
+	JumpTable *map[string]Transition
+}
+
+// NewInstanceFromList generates a new passphrase generator using a custom
+// list of tokens (words). It uses the ChaCha8 random number generator seeded
+// by cryptographically secure random bytes.
+func NewInstanceFromList(tokens []string) *generator {
 	seed := [32]byte{}
 	n, err := cr.Reader.Read(seed[:])
 	if err != nil || n != 32 {
 		log.Fatal(n, err, seed)
 	}
 	rng := rand.New(rand.NewChaCha8(seed))
-	g := new(Generator)
+	g := new(generator)
 	g.Rng = rng
+	jtbl := distill(tokens)
+	g.JumpTable = &jtbl
+
 	return g
 }
 
-// NewPassphrase generates a passphrase consisting of the specified number of random words.
-// Each word is chosen by the GenMixWord function, and the total entropy of the passphrase
-// is calculated and returned along with the passphrase.
-//
-//   - Parameters:
-//
-//     words (uint64): The number of words to include in the passphrase.
-//
-//   - Return values:
-//
-//     string: The generated passphrase, with words joined by periods.
-//
-//     float64: The total entropy (in bits) of the passphrase, indicating its strength.
-func (g *Generator) GenPassphrase(words uint64) (string, float64) {
+// NewInstance returns a new passphrase generator initialized with a default
+// wordlist. It uses the ChaCha8 random number generator for randomization.
+func NewInstance() *generator {
+	return NewInstanceFromList(eff_long_word_list)
+}
+
+// GenPassphrase generates a passphrase consisting of the specified number of
+// words. It returns the passphrase and its total entropy value.
+func (g *generator) GenPassphrase(words uint64) (string, float64) {
 	wordvec := []string{}
 	total_entropy := 0.0
 	for range words {
@@ -54,31 +109,13 @@ func (g *Generator) GenPassphrase(words uint64) (string, float64) {
 	return strings.Join(wordvec, "."), total_entropy
 }
 
-// GenFromPattern generates a passphrase based on a specified pattern.
-// The pattern dictates the structure of the generated passphrase, with the following
-// format options:
-//
-// - `w`: Lowercase word generated via GenMixWord.
-//
-// - `W`: Capitalized word generated via GenMixWord (first letter uppercased).
-//
-// - `d`: Random digit (0-9).
-//
-// - `s`: Random symbol from a predefined set (@#!$%&=?^+-*").
-//
-// Any other characters in the pattern are appended as-is.
-//
-//   - Parameters:
-//
-//     pattern (string): A string pattern that specifies the structure of the passphrase.
-//
-//   - Return values:
-//
-//     string: The generated passphrase based on the given pattern.
-//
-//     float64: The total entropy (in bits) of the generated passphrase.
-
-func (g *Generator) GenFromPattern(pattern string) (string, float64) {
+// GenFromPattern generates a passphrase following the specified pattern.
+// Supported pattern symbols are:
+//   - 'w', 'W': words (lowercase or capitalized)
+//   - 'd': digits
+//   - 's': symbols
+//   - 'c', 'C': characters (lowercase or uppercase)
+func (g *generator) GenFromPattern(pattern string) (string, float64) {
 	passphrase := ""
 	entropy := 0.0
 	pushnext := false
@@ -122,7 +159,9 @@ func (g *Generator) GenFromPattern(pattern string) (string, float64) {
 	return passphrase, entropy
 }
 
-func (g *Generator) GenWord(c rune) (string, float64) {
+// GenWord generates a word based on the character pattern (e.g., 'w', 'W').
+// It returns the generated word and its entropy.
+func (g *generator) GenWord(c rune) (string, float64) {
 	head, h_head := g.PickNext("")
 	leng, h_leng := g.PickLength()
 	if c == 'W' {
@@ -143,12 +182,14 @@ type CertifyResult struct {
 	StdDev   float64
 }
 
+// Certify verifies the randomness and entropy of the generated passphrases.
+// It runs multiple iterations to certify that the empirical entropy matches the nominal entropy.
 func Certify(Gen func() (string, float64)) CertifyResult {
 	nominal_H := 0.0
 	nominal_H2 := 0.0
 	cnt_nom_H := 0.0
 	for range 1000 {
-		//pilot run to estimate budjet
+
 		_, nh := Gen()
 		nominal_H += nh
 		nominal_H2 += nh * nh
@@ -185,3 +226,39 @@ func Certify(Gen func() (string, float64)) CertifyResult {
 	}
 
 }
+
+// PickNext selects the next rune in the sequence based on the previous seed.
+// It uses the stored transition matrix to ensure a smooth distribution of
+// rune occurrences, retrying until a valid match is found.
+func (g *generator) PickNext(seed string) (string, float64) {
+	L := min(len(seed), 2)
+	tok := strings.ToLower(seed[len(seed)-L:])
+retry:
+	if tr, ok := (*g.JumpTable)[tok]; ok {
+		N := g.Rng.IntN(tr.Total)
+		for i, v := range tr.Counts {
+			if N < v {
+				return string(tr.Runes[i]), tr.Entropy
+			}
+		}
+		panic("unexpected")
+	}
+	tok = tok[1:]
+	goto retry
+}
+
+// PickLength selects the length of the next generated word based on the
+// transition matrix of word lengths. It ensures the generated word has an
+// appropriate length and entropy.
+func (g *generator) PickLength() (int, float64) {
+	tr, ok := (*g.JumpTable)["lengths"]
+	if ok {
+		N := g.Rng.IntN(tr.Total)
+		for i, v := range tr.Counts {
+			if N < v {
+				return int(tr.Runes[i]), tr.Entropy
+			}
+		}
+	}
+	panic("unexpected rand num")
+}

cryptipass_test.go

@@ -24,7 +24,7 @@ func TestBasic(t *testing.T) {
 }
 
 func TestCert(t *testing.T) {
-	g := cryptipass.Generator{}
+	g := cryptipass.NewInstance()
 	g.Rng = rand.New(rand.NewPCG(37512033, 27996124))
 
 	type FN func() (string, float64)