If you had a target system where the password/hash required changed every minute, using an algorithm?
Unless the brute-force system could traverse every single combination of hashes within the period of which the target system rotates hashes, surely it would be uncrackable?
Would this system be brute-force-uncrackable?
Moderator: BarsMonster
-
- Posts: 16
- Joined: Fri Nov 05, 2010 2:29 am [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable
Re: Would this system be brute-force-uncrackable?
Are you talking about this?
http://en.wikipedia.org/wiki/SecurID
And no it is not uncrackable. Well something that has a 256 bit key I'd say is uncrackable (well depending on the algorithm such as a 256 bit RSA private key is crackable in like a hour on a new computer).
http://en.wikipedia.org/wiki/SecurID
And no it is not uncrackable. Well something that has a 256 bit key I'd say is uncrackable (well depending on the algorithm such as a 256 bit RSA private key is crackable in like a hour on a new computer).
-
- Posts: 16
- Joined: Fri Nov 05, 2010 2:29 am [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable
Re: Would this system be brute-force-uncrackable?
haha, yes thats what i was given at work yesterday!Sc00bz wrote:Are you talking about this?
http://en.wikipedia.org/wiki/SecurID
And no it is not uncrackable. Well something that has a 256 bit key I'd say is uncrackable (well depending on the algorithm such as a 256 bit RSA private key is crackable in like a hour on a new computer).
My point is that if the required hash keeps changing, then brute forcing is only worth while if you can complete all the permutations in less time than the hash is changed?
(ignore stealing the key, masquerading etc)
- LordMike
- Posts: 184
- Joined: Tue Feb 10, 2009 8:34 am [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable
Re: Would this system be brute-force-uncrackable?
I'd categorize that as security under obscurity...P3ndldqny2 wrote:haha, yes thats what i was given at work yesterday!Sc00bz wrote:Are you talking about this?
http://en.wikipedia.org/wiki/SecurID
And no it is not uncrackable. Well something that has a 256 bit key I'd say is uncrackable (well depending on the algorithm such as a 256 bit RSA private key is crackable in like a hour on a new computer).
My point is that if the required hash keeps changing, then brute forcing is only worth while if you can complete all the permutations in less time than the hash is changed?
(ignore stealing the key, masquerading etc)

Re: Would this system be brute-force-uncrackable?
Wrong. It's a probability game let's say you can only check 10% of the key space before it changes. You'll have to guess 65.92% of the key space to have a 50% chance of guessing correctly. There's is one thing I'm ignoring there are actually 3 keys that will work because the SecurID key chain could be running a little fast or slow.P3ndldqny2 wrote:My point is that if the required hash keeps changing, then brute forcing is only worth while if you can complete all the permutations in less time than the hash is changed?
- BarsMonster
- Site Admin
- Posts: 1118
- Joined: Wed Oct 01, 2008 7:58 pm [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable
Re: Would this system be brute-force-uncrackable?
It is easily crackable using thermorectal cryptanalysisP3ndldqny2 wrote:If you had a target system where the password/hash required changed every minute, using an algorithm?
Unless the brute-force system could traverse every single combination of hashes within the period of which the target system rotates hashes, surely it would be uncrackable?

There is a book published on this method. Unfortunately, not yet translated to English.

Who is online
Users browsing this forum: No registered users and 1 guest