ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

DonationCoder.com Software > fSekrit

Brute Force hacking possible?

<< < (2/3) > >>

f0dder:
fSekrit uses 256-bit keys. Even if you could test one trillion (10^12, or 1,000,000,000,000) keys per second, it could still take some 3,6717e57 years to find the password (read up on http://en.wikipedia.org/wiki/Scientific_notation if you wonder what that 'e' is doing there, or think that "4 years is not enough" ;)).

That's for a dumb bruteforce attack, though - somebody *might* come up with a smarter attack against AES/Rijndael, or the government *might* have supah sekrit machines in Area 51, made by aliens, to decrypt faster...

or you might use a weak password from a dictionary :)

AbteriX:
It can take 4 years.... but also 4 min. by chance.

> or you might use a weak password from a dictionary
As most people do, that's why i ask to prevent a hole in fSekrit.

f0dder:
That wasn't four years - it was... well, "3.671 years with 57 zeroes behind", I dunno what such a quantity is called ;). But yes, you're right that it could take 4min by chance. Not very likely, though.

If people use weak passwords, they shouldn't really be dealing with cryptography anyway. I'm sorry if that sounds elitist, but it's similar to putting a $5000 lock on your door and hiding the key under your doormat.

Not putting in an artificial limit is *not* a security hole in fSekrit.

AbteriX:
If people use weak passwords, they shouldn't really be dealing with cryptography anyway.
-f0dder (September 07, 2006, 04:54 PM)
--- End quote ---
That's wrong. People are people. They do use 'weak' PWs because they are easy to remember.
And it's better people use weak PWs then they do nothing to care there own infos.
It's challenge of the coder to help people in any way to protect them and there data, not to
say 'you are a looser if you can't remember "x$4kHa8"' (BTW, i don't wanna push you to do what you don't
want, we just talking about, right?) I know the PWs of a many user and they are "holliday" "2006"
"daughter's name" "pet's name"...

Peace  :-*

rjbull:

    Hackers' Song.


    "Put another password in,
    Bomb it out and try again,
    Try to get past logging in,
    we're Hacking, Hacking, Hacking.

    Try his first wife's maiden name,
    This is more than just a game,
    It's real fun, but just the same,
    It's Hacking, Hacking, Hacking."

    The NutCracker
    ( Hackers' U.K. )

--- End quote ---

  - see e.g. http://en.wikipedia.org/wiki/Micro_Live

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version