Password grinding (Was: Hacking)
Pete Shipley
shipley at remarque.berkeley.edu
Mon Apr 15 10:16:13 AEST 1991
In article <PJNESSER.91Mar27142853 at mbunix.mitre.org> pjnesser at mbunix.mitre.org (Nesser) writes:
>Someone in this thread pointed out that the way to crack passwords is to
>maintain a list of encrypted dictionary words and compare against that. I
>just want to point out that this is an amazingly expensive way to do it
>since you have to keep 4096 strings for each word. Disk space is getting
>cheaper but ... It's not that I've figured out a great way to do it myself
>but ... :-)
>--
When wrote a system that stores a list on encrypted words on 3 exa-byte
tapes. The data is stored as a sorted listed structers contained the
encrypted text and a unsigned short. The u_short contains an index
number to the dictionary used to generate the tapes, the saved 4-bytes
per entery and improves security since the contence of these tapes
can't not be used to crack a password directly.
The run time to scan these tape was about 2.5 hours (the bottle neck
is in the access time to the tape).
More information about the Comp.unix.wizards
mailing list