Sie sind auf Seite 1von 7

http://www.mandylionlabs.com/index15.

htm
USE TO ESTIMATE TIME FOR THE MORE DIFFICULT BRUTE FORCE ONLY
(DICTIONARY LOOKUP ATTACKS WHICH ARE TRIED USUALLY FIRST TAKE SECONDS
AND GET AN AVERAGE OF 25% of ALL PASSWORDS)
Length Sorted by(see "how to use this calculator" tab):
Character
Set Size Entropy or Keyspace of password
Upper Case Letters 26 1
Lower Case Letters 26 1
Numbers 10 1
Special Characters 32 1
or Purely Random Combo of Alpha/Numeric 62 1
or PURELY Random Combo of Alpha/Numeric/Special 94 1
PHRASE or WORD SUBJECT TO A DICTIONARY ATTACK 5 1
password length in Characters 0 1 or
#N/A
./2
1
Average Assigned Workload/Computer
17,179,869,184
Estimated Gross Number of hours to Crack 0.00 hours
On Distributed Level: 0.00 days
If Number of Machines Employed were:
10.00 0.00 hours
50.00 0.00 hours
100.00 0.00 hours
250.00 0.00 hours
500.00 0.00 hours
1,000.00 0.00 hours
10,000.00 0.00 hours
100,000.00 0.00 hours
0
0
Click here to go to MandylionLabs Web Site
Number of Keys a Desktop Computer Can Try efficiently in an
Hour(=2*2^33)
Total Workload in Floating
Point Processes
17 billion tries in an hour (Very
High Performance)
Reduce Keyspace Search by
Law of Averages
M a n d y l i o n
r e s e a r c h l a b s

The only USER INPUT AREA -- insert
password parameters here see tab:
'How to Use this Calculator" for further detail

(per distributed.net efficient workload for
1/2 hour is now(2202) 2^33 keyspace
search(was 2^28)
http://www.mandylionlabs.com/index15.htm
Click here to
go to
MandylionLab
s Web Site
The red area is the only area of user input -- The calculator is organized to give you two ways to enter a password's composition
-- the first way is by separately putting in the number of alpha / numeric / special characters in the password
on each of their separate lines (and seeing the total adds up to you total password length); and

--the 2nd way just by putting in the total number of positions in the password on either the "random combo" alpha/numeric line
"random combo" alpha/numeric/special character line if special characters are included
attack line

The result of the two methods can vary widely -- for instance if I have a password comprised of 4 upper alphas and 3 numbers and
special character -- if they were entered separately ( and made sure the total for password length read 8)
billion positions in the keyspace and about .43 of an hour or about 25 minutes to get that cracked if however, I just put 8
random combo field -- it would show in the "gazillions" and would take about 177k hours to crack

Why the difference? -- simple -- the calculator tries to approximate what L0pht crack algorithms take advantage of
engineering -- i.e. a propensity to make even supposedly "strong" manually made up passwords
giving the hacker an educated guess on the predictable pattern of just its composition
in where to start the brute force attack -- the logic is -- the in brute force mode you are resolved to trying each and every p
the keyspace in finding the answer, why not start that search in the most likely areas
patterns, etc.

For instance, the cracking programs rely on the fact that a typical user will probably not start a password with a special ch
the first position but will put nearly always put it somewhere near the end of the space
amounts of cracking time with a cracking program that is written to contemplate this
attack on a password that assumes a special character is in the first position, or a user working within an environment that
password composition policy -- will almost always subconsciously mimic the wording of the policy when they are trying to comply
with it -- i.e. if policy says it must contain at least 8 characters -with at least one of each of the character sets (alpha upp
lower, numeric, and special characters) represented -- users under that policy will then most likely
programs will improve their odds of cracking speed by doing these first) create a password that literally follows that order
policy - i.e. an 8 character password that looks like this -- As1%1234 where they get their "minimum compliance with policy out
the way "up front" then a suffix with something easy to remember ---1234

In essence, these cracking programs go through a protocol of routines or hacking steps from greatest reward/least effort to
greatest effort/least reward (i.e. purely random) hoping to get lucky and snag an answer before they have to go through the e
keyspace.

The following is a good reference on how L0phtcrack uses logic such as this to take educated guesses at where it the keyspace
should first start looking for a matching pattern.
http://online.securityfocus.com/infocus/1319

The calculator is organized to give you two ways to enter a password's composition
the first way is by separately putting in the number of alpha / numeric / special characters in the password-- if they are known --
on each of their separate lines (and seeing the total adds up to you total password length); and
the 2nd way just by putting in the total number of positions in the password on either the "random combo" alpha/numeric line or the
"random combo" alpha/numeric/special character line if special characters are included- or the phrase or word subject to a dictionary
for instance if I have a password comprised of 4 upper alphas and 3 numbers and 1
if they were entered separately ( and made sure the total for password length read 8) -- it would show about 14
billion positions in the keyspace and about .43 of an hour or about 25 minutes to get that cracked if however, I just put 8 in the
it would show in the "gazillions" and would take about 177k hours to crack --
the calculator tries to approximate what L0pht crack algorithms take advantage of --social
i.e. a propensity to make even supposedly "strong" manually made up passwords- easy to remember and thereby
giving the hacker an educated guess on the predictable pattern of just its composition -- which gives them a tremendous head start
the in brute force mode you are resolved to trying each and every position in
the keyspace in finding the answer, why not start that search in the most likely areas -- i.e. standard polices, repeating characters,
For instance, the cracking programs rely on the fact that a typical user will probably not start a password with a special character in
the first position but will put nearly always put it somewhere near the end of the space-- therefore you can shave enormous
amounts of cracking time with a cracking program that is written to contemplate this - so that it will not start a brute force guessing
attack on a password that assumes a special character is in the first position, or a user working within an environment that has a
will almost always subconsciously mimic the wording of the policy when they are trying to comply
with at least one of each of the character sets (alpha upper, alpha
users under that policy will then most likely -(and hence the cracking
programs will improve their odds of cracking speed by doing these first) create a password that literally follows that order in the
As1%1234 where they get their "minimum compliance with policy out of
---1234
In essence, these cracking programs go through a protocol of routines or hacking steps from greatest reward/least effort to finally
greatest effort/least reward (i.e. purely random) hoping to get lucky and snag an answer before they have to go through the entire
The following is a good reference on how L0phtcrack uses logic such as this to take educated guesses at where it the keyspace it
Mean Time to Brute Force Attack a Key Space
worksheet http://www.mandylionlabs.com/index15.htm
Click here to go to MandylionLabs Web Site
Definitions
Plain Text A series printable keyboard characters (i.e. like a
password)
Password A series of printable keyboard characters used to
uniquely identify a person or device as having
authorization to access resources or data or space
Cipher Text Plain text which has been encrypted by either
encryption software or transparently via the browser,
operating system or data communications utility. Also
see encrypted stream.
Encrypted Stream
A series of 1 and 0's representing the transmission of
encrypted plain text which cannot be decoded to arrive
back at its plain text equivalent
Hash or One Way Hash See Encrypted Stream
Target Cipher Text
The Encrypted Stream or Cipher text attempting to be
decoded (cracked) via comparison with other know
Encoding Plain Text The process of encoding plain text to cipher text
Keyspace
The total number of possible comparisons to an
encrypted stream
Flops/Megaflops/Gigaflops
Floating point operations/second -- a measure of a
CPU's processing power doing complex calculations;
Mega is million; Giga is billion; Rule of thumb, most
desktop machines now can perform at several
hundred megaflops/sec -- and the high end machines
have just recently broken the gigaflop threshold. Can
only be empirically calculated via benchmark tests
which are performed on all major CPUs and results
published
Comparisons, Tries or Guesses A single attempt at Encoding Plain Text and
Comparing the Result to a Target Cipher Text to see if
they are equal-rule of thumb- a single attempt is
approximately equal to single floating point processing
Total Workload
The calculated number tries necessary to break a
given code (keyspace/2)
Average Assigned Workload For distributed processing applications, the average
portion of the total workload assigned to be solved by
a particular CPU. Assigned workloads take into
account average CPU size and capability, average
CPU utilization, average time online and available for
processing. Current rule of thumb is 2 to the 33 power
for 1/2 hour of computing time per session at less than
10% utilization.
Entropy See Keyspace
Code Breaking Accepted Law of
Averages
50/50 Chance - i.e. a code has an equal chance of
being broken anywhere throughout the entire
Keyspace (i.e. could be on first try or last but average
is 1/2 way through all tries)
million 1,000,000 1*10^6 6
billion 1,000,000,000 1*10^9 9
trillion 1,000,000,000,000 1*10^12 12
quadrillion 1,000,000,000,000,000 1*10^15 15
qunitrillion 1,000,000,000,000,000,000 1*10^18 18
sextillion 1,000,000,000,000,000,000,000 1*10^21 21
septillion 1,000,000,000,000,000,000,000,000 1*10^24 24
octillion 1,000,000,000,000,000,000,000,000,000 1*10^27 27
nonillion 1,000,000,000,000,000,000,000,000,000,000 1*10^30 30
decillion 1,000,000,000,000,000,000,000,000,000,000,000 1*10^33 33
M a n d y l i o n
r e s e a r c h l a b s
Mean Time to Brute Force Attack a Key Space
worksheet http://www.mandylionlabs.com/index15.htm
Click here to go to MandylionLabs Web Site
What Can the latest SuperComputer do?(as of Fall, 2004)
supercomputer(70 trillion per second) 1,000,000,000,000 1 trillion
IBM's Blue Gene SuperComputer 9/04 70 70 trillion per second
see Top500.org 70,000,000,000,000.00 transactions or unique password searches per second
3600 seconds in an hour
252,000,000,000,000,000.00 transactions or unique password searches per hour
What this calculator uses as the
estimate of what the typical Pentium 17,179,869,184.00 transactions or unique password searches per hour
Computer can search in an hour used in this calculator
14,700,000 the latest super computer has the ability
to search 14.7 million times faster than the estimates
of a hackers computing power used for cracking
with today's cracking software
Factoids:
9 character purely random password the size of a purely random password that
(keyspace: 572 quadrillion combinations =572*10^15 to be searched) could be broken by the super computer in 1 hour
11 character purely random password the size of a purely random password that
(keyspace: 5 sextillion combinations =5*10^21 to be searched) could theoretically survive a super computer attack for 90 days
M a n d y l i o n
r e s e a r c h l a b s