Skeptic Password Composition Policy Assertion Language. A DSL for asserting password composition policy effectiveness.
The Skeptic Password composition Policy Assertion Language (PaCPAL) sits on top of the output produced by Pyrrho from a Skeptic Authority and a large password dataset, to provide a facility for easy extraction of results.
At its core, its a language for creating, grouping, ranking and comparing the slopes (i.e. the uniformity) of password probability distributions interpolated as power-law equations.
A few examples are provided in the ./examples folder. These demonstrate different aspects of PaCPAL and are as follows:
Demonstrates the inlining of power-law equations in PaCPAL:
# Here we're declaring some Zipf equations inline and binding them to a name.
zipf 0.0011742221285749555 -0.6588793976685547 as 000webhostbasic8prop
zipf 0.0009680954123045289 -0.6479434369803485 as 000webhostbasic8uni
# Another assertion.
assert 000webhostbasic8prop steeper 000webhostbasic8uni between 1 and 1000
The zipf keyword allows the inline creation of a named power-law equation. Those above are of the form:
000webhostbasic8prop = [y = 0.0011742221285749555 * x^-0.6588793976685547]
000webhostbasic8uni = [y = 0.0009680954123045289 * x^-0.6479434369803485]
These are then compared with an assertion, which asserts the following:
Two x-axis points corresponding to optimal attack size:
x1 = 1
x2 = 1000
Y-coordinates at each point, for curve named '000webhostbasic8prop':
y1 = 0.0011742221285749555 * x1^-0.6588793976685547
y2 = 0.0011742221285749555 * x2^-0.6588793976685547
Y-coordinates at each point, for curve named '000webhostbasic8uni':
y1' = 0.0009680954123045289 * x1^-0.6479434369803485
y2' = 0.0009680954123045289 * x2^-0.6479434369803485
What we are asserting:
(|y1 - y2| / |x1 - x2|) > (|y1' - y2'| / |x1 - x2|)
Demonstrates loading equations from files generated by Pyrrho of the form:
{
"amp": 0.00011059984812070353,
"alpha": -0.17896888889001078
}This is accomplished with the load keyword:
# Loading Zipf equations from files generated by Pyrrho and binding them to a name.
load equations/yahoo-basic6_basic8_proportional.json as yb8prop
load equations/yahoo-basic6_basic12_proportional.json as yb12prop
# Another assertion.
assert yb8prop steeper yb12prop between 1 and 1000
Demonstrates placing equations into named groups and accessing them using group and add keywords.
# Loading Zipf equations from files generated by Pyrrho and binding them to a name.
load equations/yahoo-basic6_basic8_proportional.json as yb8prop
load equations/yahoo-basic6_basic12_proportional.json as yb12prop
# Build group.
group yahoo
add yb8prop to yahoo as b8
add yb12prop to yahoo as b12
# Assert using groups.
assert b8 yahoo steeper b12 yahoo between 1 and 100
Demonstrates ranking a group using the rank keyword.