flat assembler
Message board for the users of flat assembler.

Index > Heap > (Deep Crack)Brute Force Attack Machine

Goto page 1, 2  Next
Author
Thread Post new topic Reply to topic
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
The EFF's US$250,000 DES cracking machine contained over 1,800 custom chips and could brute force a DES key in a matter of days. The photograph shows a DES Cracker circuit board fitted with 32 Deep Crack chips and some control chips.

Image

http://en.wikipedia.org/wiki/Brute_force_attack

More:

It is possible to break a 40-bit key on a typical home computer in a matter of days, with home computers getting faster every year. Even a typical home computer in 2004 could break a 40-bit key in a little under two weeks, testing a million keys per second. Using free time on a large corporate network or a set of zombie computers would reduce the time in proportion to the number of computers available. With dedicated (and rather expensive) hardware, a 40-bit key can be broken in seconds. The Electronic Frontier Foundation's Deep Crack, built by a group of enthusiasts for US$250,000 in 1998, could break a 56-bit Data Encryption Standard (DES) key in days, and would be able to break 40-bit DES encryption in about four seconds.

http://en.wikipedia.org/wiki/40-bit_encryption

-Moar Very Happy
If a device existed that could brute-force a 56-bit encryption key in one second, it would take that device 149.7 trillion years to brute force a 128-bit encryption key.

http://en.wikipedia.org/wiki/Brute_force_attack#Theoretical_limits




WOW !.... Now they should make a small device that can do all of that.
Post 06 Jun 2011, 15:01
View user's profile Send private message Reply with quote
Dex4u



Joined: 08 Feb 2005
Posts: 1601
Location: web
Dex4u
Post 06 Jun 2011, 16:00
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
"Right now we can confidently say that a seven-character password is hopelessly inadequate - and as GPU power continues to go up every year, the threat will increase."
Hehehehe nice !
Post 06 Jun 2011, 16:29
View user's profile Send private message Reply with quote
BOTOKILLER



Joined: 07 Jan 2011
Posts: 154
Location: Ukraine
BOTOKILLER
149.7 trillion years - brute force sucks)))
Post 06 Jun 2011, 16:37
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
@BOTOKILLER 149.7 Trillion yrs and the password ends up being password...lol
Post 06 Jun 2011, 16:41
View user's profile Send private message Reply with quote
Dex4u



Joined: 08 Feb 2005
Posts: 1601
Location: web
Dex4u
Heres a good writeup about GPU password cracking
http://hackaday.com/2011/06/01/gpu-password-cracking-made-easy/
Post 06 Jun 2011, 16:41
View user's profile Send private message Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel
There's a much more efficient brute forcing machine. Just ask the US Waterboarding Committee for a free trial.
Post 06 Jun 2011, 19:16
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
ManOfSteel wrote:
US Waterboarding Committee


Hahahaha..... USWC...Nice one
Post 06 Jun 2011, 21:50
View user's profile Send private message Reply with quote
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
f0dder
ManOfSteel wrote:
There's a much more efficient brute forcing machine. Just ask the US Waterboarding Committee for a free trial.
Also known as Rubber-hose cryptanalysis.

Image

_________________
Image - carpe noctem
Post 12 Jun 2011, 10:18
View user's profile Send private message Visit poster's website Reply with quote
Enko



Joined: 03 Apr 2007
Posts: 678
Location: Mar del Plata
Enko
f0dder wrote:
ManOfSteel wrote:
There's a much more efficient brute forcing machine. Just ask the US Waterboarding Committee for a free trial.
Also known as Rubber-hose cryptanalysis.

Image

Now I understand why its called "brute force" jajaja
Post 13 Jun 2011, 13:22
View user's profile Send private message Reply with quote
JoeCoder1



Joined: 13 Jun 2011
Posts: 62
JoeCoder1
You can't conclude if it takes a 56 bit DES key d days to crack it will take a 128 bit key e days to crack.

1 there is no 128 bit des key, there is either 56 bit DES or 112 bit effective 3DES
2. DES keys are not based on factoring, unlike RSA where you could do some calculations based on factoring various bit sizes
3. 3DES is much slower than DES so it takes much longer to try each key with a brute force attack
4. deep crack is for plumbers and electricians Wink
Post 14 Jun 2011, 07:11
View user's profile Send private message Reply with quote
edfed



Joined: 20 Feb 2006
Posts: 4240
Location: 2018
edfed
i wonder if the key used is something like just a very long string of bytes, xored with the file to encrypt, how many times it can take to break the key.

and even, if the encryption algorithm is simple, but the key very long, what time it can take to decrypt a 64kB key?
Post 14 Jun 2011, 13:08
View user's profile Send private message Visit poster's website Reply with quote
Enko



Joined: 03 Apr 2007
Posts: 678
Location: Mar del Plata
Enko
edfed wrote:
i wonder if the key used is something like just a very long string of bytes, xored with the file to encrypt, how many times it can take to break the key.

and even, if the encryption algorithm is simple, but the key very long, what time it can take to decrypt a 64kB key?


I guess in whould depend a lot of what is the encripted file.

In this case, I don't think only brute force will be used. Becouse for example you know thay the encripted file is a Windows Executable.
So, the first to bytes should be "MZ". So you can easly guess the first 2 bytes of the key.

And now about the size of the key. 64kb of string is some how very dificult to remember. If you store it somwhere its not so safe anymore.
So my guess for such big key, it should be somthing easy to remember, like some pages of a book text, a poem, bible verses, or some easy to remember text like "dog1dog2dog3dog4dog5dog6"
Post 14 Jun 2011, 13:28
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17474
Location: In your JS exploiting you and your system
revolution
edfed wrote:
i wonder if the key used is something like just a very long string of bytes, xored with the file to encrypt, how many times it can take to break the key.

and even, if the encryption algorithm is simple, but the key very long, what time it can take to decrypt a 64kB key?
Have you heard of something called OTP (one time pad)? The encryption is provably unbreakable, but useless in practice. OTP is similar to what you suggest but with a few more stipulations: The key must only ever be used once, the key must be truly random, and the key must be as long as the plaintext you encrypt.

For your example your key length of 64k is only adequate for a single file that is 64k in length or shorter. If you ever try to use the same key again on other plaintexts then your scheme is then easy to break.
Post 14 Jun 2011, 14:23
View user's profile Send private message Visit poster's website Reply with quote
Enko



Joined: 03 Apr 2007
Posts: 678
Location: Mar del Plata
Enko
I heard of OTP but not of this type but rather as a ONE TIME PROGRAMABLE unit.
Sony Ericsson stores some values like imei and lockinfo in their phones in that unit. In should be otpu.. but otp is used insted for referencing it.
Post 14 Jun 2011, 15:30
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17474
Location: In your JS exploiting you and your system
revolution
When talking about encryption, "OTP" is always One Time Pad. When talking about other things, "OTP" could be something else entirely.
Post 14 Jun 2011, 15:43
View user's profile Send private message Visit poster's website Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
so,...about 4096 bit RSA is that ridiculous or what. SHA2 512 is already hard enough to crack.

and btw, SHA-3 is in development, according to wikip.
Post 14 Jun 2011, 16:40
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17474
Location: In your JS exploiting you and your system
revolution
SHA is not an encryption algorithm.

RSA relies on an unproven premise that it is hard to factorise.

DES is too weak for any serious modern day use.

3DES is just weird. I can't understand why anyone uses it.
Post 14 Jun 2011, 16:44
View user's profile Send private message Visit poster's website Reply with quote
JoeCoder1



Joined: 13 Jun 2011
Posts: 62
JoeCoder1
revolution wrote:
SHA is not an encryption algorithm.

RSA relies on an unproven premise that it is hard to factorise.

DES is too weak for any serious modern day use.

3DES is just weird. I can't understand why anyone uses it.


RSA has been proven over a pretty long time. Nobody has come up with any breakthrus in factoring, it just takes alot of time and storage. Things are improving but RSA is about as proven as crypto gets.

3DES is still effective because it doesn't have any better attacks than brute force and it's slow. Being slow helps because it makes brute forcing it take longer.
Post 15 Jun 2011, 11:06
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17474
Location: In your JS exploiting you and your system
revolution
JoeCoder1 wrote:
... but RSA is about as proven as crypto gets.
RSA is nowhere near proven in any way. There are plenty of alternative provably unbreakable algorithms available, one is already mentioned above.
JoeCoder1 wrote:
3DES is still effective because it doesn't have any better attacks than brute force and it's slow. Being slow helps because it makes brute forcing it take longer.
Being slow is not an advantage for a symmetric cypher. Being secure is a prerequisite, not an advantage.
Post 15 Jun 2011, 11:22
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page 1, 2  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.

Website powered by rwasa.