Creating a random password based off of a prime number

Question

So I am making an application that basically creates strings that must be encrypted before they are stored on a user's device. If the user blindly starts running the application without creating a password before hand OR they cannot come up with a long, strong password, would this method be appropriate? (Language is java)

1. Create a probable prime of 512 bit length
   • BigInteger.probablePrime(512, new Random())
2. Add a random number of 512 bit length
   • .add(new BigInteger(512, new Random()))
3. Convert number into Base32
   • .toString(32);

The above steps will yield a Base32 string that is about 100-103 characters long and will look something like this: 2si95285qk2trk65hona7q0j27o81ph6adjs2obd2g83q9nho52tonku7s3uajtja54ri2dkbque39hil14f1nrlef0736mtda7rtll

And it is up to the user to safely store this password if they do not create one themselves.

So my question, is this a plausible method to create a random password if the user does not make one before hand or cannot create a password this long (though it is not required)?

Answer 1

If you just need random numbers, there's no point in generating random primes. Just make sure that you're using a cryptographically secure random number generator, properly seeded from a secure entropy source.

Also, passwords made up of random letters and numbers are very hard to remember (and type). For a password meant to be memorized by a human, it's much more efficient (in terms of security vs. effort) to generate a passphrase made out of random words instead. See diceware and this xkcd strip for some well known examples.

Also, 100 random base-32 characters equals 500 bits of entropy. That's ridiculous for a password; 128 bits of entropy is plenty for anything, and you're probably OK with 80 bits or even less, depending on what kind of threats you're expecting. If your key derivation function does proper key stretching, that'll add some 10 to 30 bits of effective strength to your password (depending on the iteration count), allowing you to reduce its length even further.

A typical randomly chosen word has about 10 to 14 bits of entropy, depending on the size of the word list (a diceware passphrase has just under 13 bits of entropy per word), so generating a passphrase of five or six random words and using a key-stretching KDF should be safe enough.