Hacking
Mitch Wright
mitch at hq.af.mil
Thu Apr 4 04:00:37 AEST 1991
/*
* In article <1991Apr1.173824.20323 at odin.corp.sgi.com>
* pkr at sgi.com (Phil Ronzone) writes:
*
*/
pjnesser at mbunix.mitre.org (Nesser) writes:
>>Someone in this thread pointed out that the way to crack passwords is to
>>maintain a list of encrypted dictionary words and compare against that. I
>>just want to point out that this is an amazingly expensive way to do it
>>since you have to keep 4096 strings for each word. Disk space is getting
>>cheaper but ... It's not that I've figured out a great way to do it myself
>>but ... :-)
>Well, assuming 100,000 words of 13 characters each, for each of 4096
>possibilities, that gives us 5,324,800,000 bytes. Now, with the
>750MB and 1.2G 5.25" disk drives around, I'd probably have to have
>several of the drives, OR, maybe use a smaller dictionary.
>
>100,000 words is a LOT of words .....
>
Though the number is still quite large, you really only need 11 characters
each, since it is trivial to know which salt grouping you are looking at.
Therefore, we are looking at saving:
5,324,800,000
100,000 x 11 x 4096 = 4,505,600,000
-------------
819,200,000 bytes
There are other techniques that will allow even further compression of the
data. You can easily store this on a few 8mm tapes and your off and running.
--
~mitch
_______________________________________________________________________________
mitch at hq.af.mil (Mitch Wright) | The Pentagon, 1B1046 | (703) 695-0262
_______________________________________________________________________________
More information about the Comp.unix.wizards
mailing list