Hey guys I was just wondering how you'd determine the length of time a supercomputer would need to crack a password of the following requirements:
Characters: 140
May include: All ANSI Characters
Examples:
,uqêÐ?ù³yÇa¦ùE?¹?AïÞWÐúNëøGdÎ`?Áz?:Vd4?[ØùÚwØå;!N§uwA?2Ñr}?l59~?þ7ä<Kͧ.?f¢3?T§bL7ÎÎHFU}lÏéñØXZ2¦¿ã'FF¦Æx?~HQ}y?×?j?èÐ#??¼f ÁáXjÝV¨Ï²??
m±ðþ?rhû¸Þ»?Ø2?ýTïàm¢«BYyÀ-ëENuNÁ?HÍö£AnÒöîùÝ_vÏbή[?e?Iã?·j3(n?#èa{á%ç}P*:çþ?)Óe6ù?]¸?m?gº Ô§Î+ñÕ@?ò?âí??¶Ð#ì})qò?9gN:?#n?eð(Zßr¡û?O?¬?
çz=¿²E?ú»Ytü·©Z(Ñ??u??¡??AÞ&MhtB)þ%×mRxE'?9¤<.?%£@ïÐi<DÏaùüAn_¶?Ï!b?JóÏÙÛDMbïQþZ?±Ñg,xS%Øh:¥ÚgdbR?©BN,Z»]ú/P/®æZ'éi´d»üY¸-?S©IäDê6>ÛÆÝ%
Now the supercomputer wouldn't know how many characters it had so it would start with 1, then 2, etc.
The supercomputer can try one billion passwords per second.
TL;DR
So how many years would it take for the supercomputer that can try 1 billion passwords per second to crack a 140 character password with all ANSI characters? And what would the equation for this look like?
So your asking how to make a bruteforce program? Either way I don't think your going to get help here since brute force isn't really used for anything other than cracking.
No, I'm asking how long it would take to brute force it, it's an equation which I can't seem to set up in my head... read the thread.
I don't think this has anything to do with "hacking", I think it's a homework problem
So if I remember anything from probability, the number of possible solutions is equal to the number of characters (140) to the power of the number of possible characters (according to wiki there are 128 characters in ANSI). Then if we divide this by a billion we get the time in seconds that it would take to check every possible string so it would be any time less than this (you can only know a maximum definitely because you might be lucky and find it on your second attempt).
So: (140^128)/1000000000 = time in seconds
Then divide this by a billion giving you an answer of well over a millennium (a lot over, like around 1 x 10^270 millennium if I am not mistaken.).
^^^
Tim's answer + Use iptables = Your SSH is safe from all hackers
The problem with trying to estimate is that brute forcing is completely random so the computer can get it on the 1st attempt or the 1 millionth attempt. I just woke up AND suck at math but based on what I came up with there are 1877964082700782359018463804282364083789491242934267233146848114841876363200 possible combination for a 140 character password based on the 256 ANSI characters so a rough estimate would be it would take at least 1877964082700782359018463804282364083789491242934267233146848114841000000000 seconds to attempt every possible combination.
(2010-06-13, 11:23 AM)seeker Wrote: [ -> ]^^^
Tim's answer + Use iptables = Your SSH is safe from all hackers
Or disable passwords all together. Passwords are so unreliable.
KuJoe sorry I didn't make it clear...
The computer would systematically brute force, not randomly.
It would start with a, then b, then c, then d, etc. then aa, then ab, etc. until it found the password.
Yes, it does depend on what the password is but it shouldn't matter that much.
Anyhow thanks for helping!
Actually after re-reading the original post, Tim's answer and mine are incorrect because we only calculated the combination of 140 characters and you said the computer would start with 1 character combination and then work up to 140.
That being said regardless of whether the computer does it systematically or not since you did not provide an actual password we could assume that the 140 character password could be anything. Either way the hardware would eventually die long before it cracked the password.
Use this password then:
,uqêÐ?ù³yÇa¦ùE?¹?AïÞWÐúNëøGdÎ`?Áz?:Vd4?[ØùÚwØå;!N§uwA?2Ñr}?l59~?þ7ä<Kͧ.?f¢3?T§bL7ÎÎHFU}lÏéñØXZ2¦¿ã'FF¦Æx?~HQ}y?×?j?èÐ#??¼f ÁáXjÝV¨Ï²??
Anyhow yeah I figured as much but I just wanted to know for sure.
(2010-06-13, 12:00 PM)KuJoe Wrote: [ -> ]Actually after re-reading the original post, Tim's answer and mine are incorrect because we only calculated the combination of 140 characters
Well I considered a "blank space" to be one of those characters, though technically it should be 129 possibilities for each space to take into account the possibility of each position being empty as a combination. It will probably only add on a few millennium :p