Skip to main content

Pronounceable IPv6 addresses, WPA2-PSK and hashes

With the transition to IPv6 gone are friendly IP addresses like 23.75.345.200 to be replaced by 128 bit monstrosities like 2001:db8:85a3:8d3:1319:8a2e:370:7348. Equally WiFi networks are protected using 256 bit keys that are long and tedious to remember and type.

Here's a slightly tongue-in-cheek proposal to make all these addresses pronounceable by mapping each 8 bit byte to a short English word drawn from a known vocabulary. My vocabulary starts with one of the letters drawn from b d f g h k l m n p r followed by a single vowel a e i o u followed by a single letter from d g m p t. The yields more than enough words. The full list is as follows:
bad  0  bag  1  bam  2  bap  3  bat  4  bed  5  beg  6  bem  7  
bep  8  bet  9  bid  a  big  b  bim  c  bip  d  bit  e  bod  f  
bog 10  bom 11  bop 12  bot 13  bud 14  bug 15  bum 16  bup 17  
but 18  dad 19  dag 1a  dam 1b  dap 1c  dat 1d  ded 1e  deg 1f  
dem 20  dep 21  det 22  did 23  dig 24  dim 25  dip 26  dit 27  
dod 28  dog 29  dom 2a  dop 2b  dot 2c  dud 2d  dug 2e  dum 2f  
dup 30  dut 31  fad 32  fag 33  fam 34  fap 35  fat 36  fed 37  
feg 38  fem 39  fep 3a  fet 3b  fid 3c  fig 3d  fim 3e  fip 3f  
fit 40  fod 41  fog 42  fom 43  fop 44  fot 45  fud 46  fug 47  
fum 48  fup 49  fut 4a  gad 4b  gag 4c  gam 4d  gap 4e  gat 4f  
ged 50  geg 51  gem 52  gep 53  get 54  gid 55  gig 56  gim 57  
gip 58  git 59  god 5a  gog 5b  gom 5c  gop 5d  got 5e  gud 5f  
gug 60  gum 61  gup 62  gut 63  had 64  hag 65  ham 66  hap 67  
hat 68  hed 69  heg 6a  hem 6b  hep 6c  het 6d  hid 6e  hig 6f  
him 70  hip 71  hit 72  hod 73  hog 74  hom 75  hop 76  hot 77  
hud 78  hug 79  hum 7a  hup 7b  hut 7c  kad 7d  kag 7e  kam 7f  
kap 80  kat 81  ked 82  keg 83  kem 84  kep 85  ket 86  kid 87  
kig 88  kim 89  kip 8a  kit 8b  kod 8c  kog 8d  kom 8e  kop 8f  
kot 90  kud 91  kug 92  kum 93  kup 94  kut 95  lad 96  lag 97  
lam 98  lap 99  lat 9a  led 9b  leg 9c  lem 9d  lep 9e  let 9f  
lid a0  lig a1  lim a2  lip a3  lit a4  lod a5  log a6  lom a7  
lop a8  lot a9  lud aa  lug ab  lum ac  lup ad  lut ae  mad af  
mag b0  mam b1  map b2  mat b3  med b4  meg b5  mem b6  mep b7  
met b8  mid b9  mig ba  mim bb  mip bc  mit bd  mod be  mog bf  
mom c0  mop c1  mot c2  mud c3  mug c4  mum c5  mup c6  mut c7  
nad c8  nag c9  nam ca  nap cb  nat cc  ned cd  neg ce  nem cf  
nep d0  net d1  nid d2  nig d3  nim d4  nip d5  nit d6  nod d7  
nog d8  nom d9  nop da  not db  nud dc  nug dd  num de  nup df  
nut e0  pad e1  pag e2  pam e3  pap e4  pat e5  ped e6  peg e7  
pem e8  pep e9  pet ea  pid eb  pig ec  pim ed  pip ee  pit ef  
pod f0  pog f1  pom f2  pop f3  pot f4  pud f5  pug f6  pum f7  
pup f8  put f9  rad fa  rag fb  ram fc  rap fd  rat fe  red ff  
An alternative alphabet might be drawn up by using actual English words that have only three letters. There are likely enough genuine three letter words that 256 interesting ones could be found.

Then the long IPv6 address above becomes dem bag:bip nog:kep lip:bep nig:bot dad:kip dug:bap him:hod fum. Equally, a long WPA2 pre-shared key becomes a pronounceable list of words that are relatively easy to send to someone and type in.

Of course, it's backwards compatible with IPv4: there's no place like kam.bad.bad.bag or I can the Causata web site on gop.gop.kat.fum and my local network's netmask is red.red.red.bad.

Similarly, an MD5 can be written as something like pap nom bet mot kot nep rag dap lid hat red lup nup det nap nep.

I wonder how much less error prone this would be than a long string of hexadecimal digits. Using a carefully selected set of known English three letter words (with no homophones) would likely be best.

PS Others have pointed me to the PGP word list and RFC2289.

PPS Another proposal

Comments

Paul Keeble said…
Its still too long. People can basically remember 4-6 small numbers in short term memory. So really we need to map IP6 addresses onto longer words that shorten the number of them needed to ideally 4.
kang said…
thats not *EXACTLY* it but you know, DNS does map ips to names. Doesn't work for your WPA key but.. its the same concept for the ip address, for the same reason.
I though that should at least be mentioned.
Corbin Simpson said…
I can't not read these in a very deep Louisiana cajun drawl. (And now neither can you!)
Lance Purple said…
Then the long IPv6 address above becomes dem bag:bip nog:kep lip:bep [etc]

Sounds like something Ella Fitzgerald would sing at a jazz club...
Muflone said…
I'm not sure which is worst, but at least the numeric address is readable
Andy Robbins said…
Imagine trying to use this language over the phone.

"My IP is lip bep-"
"Sorry was that lip or lit?"
"LIP, as in 'read my LIPS'"
Joe said…
This is brill.

However, 2001:0db8:85a3:08d3:1319:8a2e:0370:7348 actually becomes dem bag:bip met:kep lip:bep nig:bot dad:kip dug:bap him:hod fum, not dem bag:bip nog:kep lip:bep nig:bot dad:kip dug:bap him:hod fum. You've transposed nig (d3) with met (b3).

You might want to have a look at my project on GitHub: https://github.com/JosephSalisbury/PronounceableIPv6

Cheers.
Looks a lot like my idea: http://www.halfbakery.com/idea/IPv6_20Worded_20Addresses#1260513928.

Except, my words are pronounceable and memorable. Have a look :)

I've also made a program which, given an inputted IPv6 address can help you generate the optimum phrase.
maniel said…
i've used baad:dead:beef:cafe or something like that for 64bit address in a subnet:-)
asdf said…
PGP has a similar scheme, designed for phonetic distinctiveness:

http://en.wikipedia.org/wiki/PGP_word_list

Popular posts from this blog

Your last name contains invalid characters

My last name is "Graham-Cumming". But here's a typical form response when I enter it:


Does the web site have any idea how rude it is to claim that my last name contains invalid characters? Clearly not. What they actually meant is: our web site will not accept that hyphen in your last name. But do they say that? No, of course not. They decide to shove in my face the claim that there's something wrong with my name.

There's nothing wrong with my name, just as there's nothing wrong with someone whose first name is Jean-Marie, or someone whose last name is O'Reilly.

What is wrong is that way this is being handled. If the system can't cope with non-letters and spaces it needs to say that. How about the following error message:

Our system is unable to process last names that contain non-letters, please replace them with spaces.

Don't blame me for having a last name that your system doesn't like, whose fault is that? Saying "Your last name …

All the symmetrical watch faces (and code to generate them)

If you ever look at pictures of clocks and watches in advertising they are set to roughly 10:10 which is meant to be the most attractive (smiling!) position for the hands. They are actually set to 10:09.14 if the hands are truly symmetrical. CC BY 2.0image by Shinji
I wanted to know what all the possible symmetrical watch faces are and so I wrote some code using Processing. Here's the output (there's one watch face missing, 00:00 or 12:00, because it's very boring):



The key to writing this is to figure out the relationship between the hour and minute hands when the watch face is symmetrical. In an hour the minute hand moves through 360° and the hour hand moves through 30° (12 hours are shown on the watch face and 360/12 = 30).
The core loop inside the program is this:   for (int h = 0; h <= 12; h++) {
    float m = (360-30*float(h))*2/13;
    int s = round(60*(m-floor(m)));
    int col = h%6;
    int row = floor(h/6);
    draw_clock((r+f)*(2*col+1), (r+f)*(row*2+1), r, h, floor(m…

Importing an existing SSL key/certificate pair into a Java keystore

I'm writing this blog post in case anyone else has to Google that. In Java 6 keytool has been improved so that it now becomes possible to import an existing key and certificate (say one you generated outside of the Java world) into a keystore.

You need: Java 6 and openssl.

1. Suppose you have a certificate and key in PEM format. The key is named host.key and the certificate host.crt.

2. The first step is to convert them into a single PKCS12 file using the command: openssl pkcs12 -export -in host.crt -inkey host.key > host.p12. You will be asked for various passwords (the password to access the key (if set) and then the password for the PKCS12 file being created).

3. Then import the PKCS12 file into a keystore using the command: keytool -importkeystore -srckeystore host.p12 -destkeystore host.jks -srcstoretype pkcs12. You now have a keystore named host.jks containing the certificate/key you need.

For the sake of completeness here's the output of a full session I performe…