
The thing is, your entire line of argument is predicated on the quote approach being vulnerable to a dictionary-style attack. In order for that to be the case, both the SSID and the exact quotation used have to match, otherwise the attacker is forced back into expensive brute force attacks. Any unique element, whether intentional or not, renders that vulnerability null.

The xkcd approach certainly works, but the arbitrary, random nature of it is going to make it difficult for some people to remember. The quotation approach is just leveraging the fact that people spend their entire lives using language as a logical framework to simplify remembering things.

Either is going to be vastly more secure than a random string of characters.



My line of argument is more complex than you give it credit for. It has 3 major components:

- if you do not include "unique elements" (that is, you quote straight from wikiquote or similar), a quote is less secure than 4 random dictionary words due to being subject to wikiquote-driven dictionary-style attacks.

- if you include intentional and unique modifications, a quote from a public work like a movie or play is not particularly easier to remember than something from passphra.se or similar. Once you have to remember what you spelled/capitalized/punctuated in a nonstandard way, what have you really gained?

- if you include unintentionally unique elements (a word you always misspell), or elements that aren't really unique (you always append the same character), then your passphrase is vulnerable to a dictionary-like attack by an attacker who has some knowledge of you, particularly one who you've told your scheme to.

The key to the xkcd-style passphrase is that it remains secure even against an attacker who knows how you generated it, and who knows your personal tendencies. It's a completely universal, memorable, secure scheme.

Movie quotes are secure and memorable enough the majority of the time -- vastly more secure than using your kid's name, vastly more memorable than a string of random characters. But it seems to me like you're advocating a second-best security practice when we already have a best one.


>then your passphrase is vulnerable to a dictionary-like attack by an attacker who has some knowledge of you, particularly one who you've told your scheme to.

That's the thing right there: the difference in practical vulnerability all but requires an attacker to have a certain level of omniscience and access to a massive database of any conceivable permutation of any fragment you might choose of a huge number of works.

>But it seems to me like you're advocating a second-best security practice when we already have a best one.

I'm advocating what can be efficiently communicated to a non-technical user that gets them to use something better than the short keys they'll tend to use otherwise.

What's more likely to stick with a 40-year-old office coworker that asks how to secure their wireless network? A scheme that seems nonsensical on the surface that requires a comic and basic grasp of what a keyspace is to understand, or the suggestion to "use a sentence from something you like that you'll easily remember"?

Either one is going to stop all but the most determined of attackers. I don't see the point in confusing the issue for them.


On the one hand, you're saying that it's a huge keyspace because you might choose from such a huge number of works and there are so many possible variations. My criticism of that version of your idea is that those variations are as hard to remember as random words.

On the other hand, you're telling people "use a sentence from something you like", which is likely to result in only the smallest exploration of that keyspace -- the most popular lines out of the most popular shows or movies, with only a small number of capitalization or punctuation variants. If people are going to pick things like "to be or not to be" or "I can kill you with my brain", then you're suggesting something that's not particularly secure (and may already be contained in many dictionary attacks).

So the approach you advocate is fundamentally insecure, which you've argued can be made secure by adding exactly the sort of measures that confuse the issue for the people you say will benefit from the approach.

Here's an easier approach: tell people "anything you can find in a dictionary or on a list of quotes, hackers already have on their computers. To make a password hackers don't already know about, you need to put some random words together." Then point them to passphra.se and tell them to hit "generate another" until they get something they like. They can even add in more words to make it more memorable, or mix their random words into a movie quote ("I can melt you with my smoky vegetable universe", in River Tam's voice... creepy and memorable.)

In other words, instead of starting with "memorable" and then trying (and probably failing) to add enough entropy without sacrificing memorability, start with enough entropy and then make it memorable.


My understanding is that when people build password-cracking dictionaries, they include common permutations in the script. That is, for the dictionary word "dolphin", the script puts in "Dolphin" and "d0lph1n" and so forth. I'd be very surprised if someone building a table based on common quotations didn't do the same thing. I mean, how many memorable punctuation-mangling strategies are there on a common phrase anyway? I can only think of a few, right off; they're probably the ones most other people would think of, too.

There is a very serious tendency to overestimate how clever and creative you can be in the 90 seconds you spend thinking about a password. Odds are, the "random" thing you're doing is the same random thing that a lot of other people are doing. And it's in someone's script somewhere.

If you roll dice, instead of trusting your brain to be clever, you know what you have is random and hence secure.


>I mean, how many memorable punctuation-mangling strategies are there on a common phrase anyway?

How do you define common? The person has the entirety of literature, movies, music, etc. to draw from. They might select any given fragment of a work, and the attacker has no way of knowing where the fragment begins or ends.

Is a purely random key strictly more secure? Sure.

But my goal isn't to get the purest possible level of security; it's to get normal people to use something more complex than the 8-14 character passwords they generally use now. I'm certainly not claiming it's perfect, but it's a simple-to-understand scheme that most non-technical users will be able to understand and use that will protect them from all but the most dedicated of attackers.


>They might select any given fragment of a work

Just like someone told to select an arbitrary password might select any sequence of characters. They might theoretically select anything, but most of them will choose something like 'password'.

So with your users. Star Trek fans are going to choose "makeitso". And a database of famous quotes will catch them.


What I'm really getting at, though, is that I think playing cat and mouse with professional hackers is a losing game. You shouldn't spend a few seconds trying to come up with something that they won't think of when it's their entire vocation. You're just not that creative, and too many people think alike.

Just roll dice. That way your choice is provably random.
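
The point several comments make about cracking dictionaries carrying common permutations, turned into a defender-side check (an added example, not part of any comment in the thread): a password-setting routine that rejects candidates matching a listed quote or word after undoing common mangling, next to a uniformly random generator. The quote list, word list and all function names are constructed for illustration.

```python
import math
import re
import secrets

# Constructed sample data: a tiny stand-in for a public list of quotes and words.
KNOWN = ["to be or not to be", "I can kill you with my brain", "make it so", "dolphin"]
# Constructed toy word list; a real one needs thousands of entries (Diceware has 7776).
WORDS = ["smoky", "vegetable", "universe", "melt", "copper", "lantern", "orbit", "thistle"]

# Common character substitutions, mapped back to the letters they stand for.
LEET = str.maketrans("013457@$!", "oieastasi")

def variants(candidate):
    """Reduce a candidate to letters only, undoing case, leetspeak and punctuation.

    Three forms are tried: edge characters kept as substitutions ("mak3its0"),
    edge punctuation dropped ("Make it so!"), edge digits dropped too ("makeitso1").
    """
    s = candidate.lower()
    forms = [s] + [re.sub(rf"^{edge}+|{edge}+$", "", s) for edge in ("[^a-z0-9]", "[^a-z]")]
    return {re.sub(r"[^a-z]", "", f.translate(LEET)) for f in forms}

BLOCKLIST = {re.sub(r"[^a-z]", "", k.lower()) for k in KNOWN}

def is_listed(candidate):
    """True if the candidate is a known quote or word under common mangling."""
    return not variants(candidate).isdisjoint(BLOCKLIST)

def random_passphrase(wordlist, n_words=4):
    """Pick words uniformly with a CSPRNG, the software equivalent of rolling dice."""
    return " ".join(secrets.choice(wordlist) for _ in range(n_words))

def passphrase_bits(list_size, n_words=4):
    """Entropy in bits when the attacker knows the list and the scheme."""
    return n_words * math.log2(list_size)

if __name__ == "__main__":
    for pw in ["T0 b3, or n0t t0 b3!", "makeitso1", "d0lph1n", "correct horse battery staple"]:
        print(f"{pw!r:34} listed={is_listed(pw)}")
    print(random_passphrase(WORDS), f"{passphrase_bits(len(WORDS)):.1f} bits (toy list)")
    print(f"{passphrase_bits(7776):.1f} bits with a 7776-word list")
```

The mangled quotes all collapse to a single blocklist entry, while the random passphrase's strength depends only on the list size and word count, not on keeping the scheme secret.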



