Quote:
Originally Posted by Lostmage333
To the best of my knowledge, hashes for 12-character-long passwords *tend* to be in rainbow tables... If I had enough hard disk space to store some rainbow tables, I'd try it, but that would only work on passwords up to a certain length. I'm sure the 40ish-character length of the FIRST passwords makes them cryptographically strong against rainbow tables, unless you have terabytes upon terabytes of them...
Let me first say that, for the most part, all previous posts in this thread are confusing cryptographic primitives. Please take no offense at this correction, as cryptography is a difficult subject.
There are four separate topics here:
- Block ciphers (AES, DES, Blowfish) are used to encrypt some data with a key. The same key can then be used to reverse the process and recover the original input data. This is the cryptography the manual uses.
- Hash functions (SHA1, MD5, RIPEMD-160) are one-way functions that take some input and give you a fixed-length output (SHA1 is 160-bit, MD5 is 128-bit). It is not possible to determine the original input with just the output and the knowledge of which function was used (hence one-way).
- A rainbow table is a pre-computed list of the outputs of one-way functions and the inputs that created them. Using a rainbow table of sufficient size it is possible to easily reverse a hash function, but it is easily defeated by padding the input with a known value (salt).
- Hash function collisions (what the EngineYard contest was about) are the idea that there will exist more than one input for a possible function output. Since hash functions are the basis for digital signatures (used in SSL certificates, for example), it is possible to forge an SSL certificate if you can find a way to pad your input with enough special values to make the hash output the same as an already signed certificate. Since the hash values are the same, that same signature would work for both the original and the bad certificate.
Now, in the original post Andrew provided us with three hash values (DES is not a hash function, but I am assuming he means the crypt() function in UNIX that uses a variation on the DES algorithm to create a one-way hash function). A preliminary search of some of the free online rainbow tables yielded no results for me.
This would leave us with only the option of brute forcing the algorithm. Now, he did indicate that the input was 12 characters, which narrows the field somewhat, and that the input consists of A-Z, a-z, 0-9, and space. This leaves us with 12 (r) spots for one of 63 (n) values. Using (n+r-1)!/r!(n-1)! we arrive at 21,944,067,106,416 possible values.
Now I, for one, don't have enough time on the University supercomputer to brute force that, but if someone has a few graphics cards lying around you could probably build a computer that could crack it in a week's time.
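As an added example (not code from the original post or its author), here is the arithmetic a practitioner would run before committing hardware to a brute-force job, plus a toy version of the rainbow-table point from the post: a precomputed hash-to-plaintext table answers lookups for unsalted hashes but is useless once a salt is mixed into the input. The keyspace function counts ordered strings, i.e. the number of length-r passwords over an n-symbol alphabet is n**r, and the guess rate passed to `crack_time_seconds` is an assumption the caller supplies, not a figure from the thread. The table uses SHA1 purely to illustrate precomputation; it is not the crypt() DES construction the post discusses.

```python
import hashlib
import itertools
import string

# Constructed to match the post: A-Z, a-z, 0-9 and space = 63 symbols, 12 positions.
CHARSET = string.ascii_letters + string.digits + " "
LENGTH = 12


def keyspace(n: int, r: int) -> int:
    """Number of ordered length-r strings over an n-symbol alphabet (each slot independent)."""
    return n ** r


def crack_time_seconds(space: int, guesses_per_second: float) -> float:
    """Worst-case time to exhaust a keyspace at an assumed guess rate (caller supplies the rate)."""
    return space / guesses_per_second


def unsalted_hash(password: str) -> str:
    """SHA1 of the bare password: the case a precomputed table can answer."""
    return hashlib.sha1(password.encode()).hexdigest()


def salted_hash(password: str, salt: str) -> str:
    """SHA1 of salt||password: a table built over bare passwords no longer matches."""
    return hashlib.sha1((salt + password).encode()).hexdigest()


def build_table(charset: str, length: int) -> dict:
    """Toy precomputed table (the idea behind a rainbow table): digest -> plaintext.

    Enumerates every length-`length` string over `charset`; only feasible for tiny spaces.
    """
    return {
        unsalted_hash("".join(combo)): "".join(combo)
        for combo in itertools.product(charset, repeat=length)
    }


def lookup(table: dict, digest: str):
    """Reverse a digest via the table; None when the digest was not precomputed."""
    return table.get(digest)


if __name__ == "__main__":
    # Sizing the post's 63-symbol, 12-character space.
    space = keyspace(len(CHARSET), LENGTH)
    assumed_rate = 1e9  # assumption: one billion guesses per second across a few GPUs
    print(f"keyspace = {space:,}")
    print(f"exhaust at {assumed_rate:.0e}/s: {crack_time_seconds(space, assumed_rate) / 86400:.1f} days")

    # Rainbow-table idea on a toy 3-symbol, 3-character space (27 entries).
    table = build_table("ab1", 3)
    target = "b1a"
    print("unsalted lookup:", lookup(table, unsalted_hash(target)))
    print("salted lookup:  ", lookup(table, salted_hash(target, "xy")))
```

The toy table holds 27 entries and is built in milliseconds; the same enumeration over the post's alphabet and length is what `keyspace(63, 12)` sizes, and dividing it by whatever guess rate your hardware actually achieves is the only honest way to turn "a few graphics cards" into a time estimate.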