Password cracking (was Re: How to stop future viruses.)
MFHorn
arosen at hawk.ulowell.edu
Mon Nov 14 08:37:27 AEST 1988
>From article <2186 at cuuxb.ATT.COM>, by dlm at cuuxb.ATT.COM (Dennis L. Mumaugh):
> Thus it is 22 bytes x 80,000 x 4096 or
> 7,208,960,000 bytes of storage. With say 20 cpus and only 400
> real salts I need 36,044,800 bytes per machine. I can automate
> almost all of this and thanks to RFS and LAN's communcations
> isn't the problem. The time is that to fgrep the 36 Meg file on
> each machine. That runs about an hour depending on load and disk
> performance.
On one of our machines here, I can generate about 50 encryptions
per second. That's about 500 seconds (8 minutes) to encrypt
/usr/dict/words. I could probably throw together some 'rsh'
command lines to make some of our big Vaxen, MVs, Apollo and
DEC workstations, etc., do the part of the work, and I'm encrypting
the dictionary in under a minute.
Compare this to the time it would take to grep through N Meg of
pre-encrypted data, and you'll see they're very close (and both
negligible).
> The major point is that properly prepared one CAN crack passwords
> in less than an hour given adequate resources.
Less than a minute.
Andy Rosen | arosen at hawk.ulowell.edu | "I got this guitar and I
ULowell, Box #3031 | ulowell!arosen | learned how to make it
Lowell, Ma 01854 | | talk" -Thunder Road
RD in '88 - The way it should've been
More information about the Comp.unix.wizards
mailing list