No, thankfully.

Printable View

- 05-29-2007MacGyver
- 05-29-2007KONI
Deep Crack, build in 1998 could test 90 billion keys per second, that's already a lot more than "10000" passwords a second. But it is true that bruteforce attacks are for idiots, as you can see here. Nowadays, the most common and effective way of breaking a cipher is through Cryptanalysis.

- 05-29-2007KONI
distributed.net was able to break the 56-bit DES key in less than 24 hours. It uses a system like Seti@Home or Folding@Home, breaking the keyspace into small blocks and distributing the key search over a number of clients.

- 05-29-2007Junior89
- 05-29-2007Junior89
And anyone have advice for the whole time conversion problem?

- 05-29-2007brewbuck
- 05-29-2007brewbuck
- 05-29-2007Junior89
Alrighty let's just clarify this issue so someone can help me out here =)

Brute force consists of trying EVERY possible password in order to decrypt a file, log-in to something, break a hash, etc. Most of the algorithms used today by governments and such are so secure (AES for instance), that one can ONLY use a brute force attack. It is NOT for idiots by any means. For all we know the NSA could have a supercomputer (and more than likely does) with thousands if not millions of processors which could run effective brute force attacks in a decent/reasonable amount of time.

With quantum computers on the horizon brute force attacks will be a real threat. No longer will it take thousands of years to crack a code, it could take a few minutes with the technology of the future.

The thing about brute force is that it IS 100% effective, at some point, you will enter the correct key and decipher the code, it's just in this day and age, a 128-bit key for AES encryption could (literally) take longer to crack than the lifetime of the universe. However, for a small key here it takes considerably shorter (well still long, an 8 character key, with upper, lower and numerals, and assuming the chances of finding the key in the first half are 50%, one could make a reasonable estimate that it would take about 70 years to find the key, testing about 50000 keys a second, the max would be about 140.)

However...

I'm asking about my time conversions, what's the matter with them? - 05-29-2007laserlightQuote:

I'm asking about my time conversions, what's the matter with them?

milliseconds = time % 1000

time /= 1000

seconds = time % 60

time /= 60

minutes = time - 05-29-2007brewbuck
So far as we know. A weakness could be discovered tomorrow. It is very difficult (nigh impossible) to PROVE that any given cipher is secure against cryptanalysis.

Quote:

The thing about brute force is that it IS 100% effective, at some point, you will enter the correct key and decipher the code

- 05-29-2007Junior89
Yes you are correct, we are assuming however a standard algorithm of today. Such algorithms, such as GOST, BLOWFISH, AES, etc. Do not have such collisions.

I neglected to mention that OTP's are the exception. They are impossible to crack, literally, you never know if you have the right key or not because it's more random and is as long as the plaintext. However, the security of OTP's relies on Complete randomness of the encrypting machine as well as NEVER using the same key twice. As soon as that happens, it's simple to crack.

I'm still having trouble with these time conversions. clock() returns the time in milliseconds right? I'm getting crazy numbers when it goes to convert. Perhaps the time in milliseconds is too big and it's wrapping around inside the unsigned int variable? - 05-29-2007laserlightQuote:

clock() returns the time in milliseconds right?

- 05-29-2007Junior89
I just remember that clock() returns the number of clock cycles i believe.

Anywho... i fixed it myself. I switched from milliseconds to seconds and for some reason i was using a ton of modulus operators instead of division ??? i'm an idiot.

Thanks for the help. - 05-29-2007brewbuck
- 05-29-2007Junior89
Thanks but i just used a time_t variable with the funtion time() and i'm set.

It works well, takes about 4 minutes to break a 4 digit password, not speedy gonzolez, but hey, it works.