@tkoola Continuing with this with the part “How Fast” My copy of Meyer’s Object Oriented Software Construction has about 1,200 body pages. Assuming no flow control or protocol overhead, about how long would it take to send it over an async 56k baud modem line? Assuming 1800 characters per page and that character is 8 bits. 56k baud = 7000 characters per second. Put together 1800 * 1500 / 7000 = 385s and then some that is roughly 6 minutes My binary search algorithm takes about 4.5mS to search a 10,000 entry array, and about 6mS to search 100,000 elements. How long would I expect it to take to search 10,000,000 elements (assuming I have sufficient memory to prevent paging). Binary search complexity is log(O). From limited set of data it takes 1.5ms more time to process 10 times more items. So, 10,000,000 is roughly 10.5ms with this data Unix passwords are stored using a one-way hash function: the original string is converted to the ‘encrypted’ password string, which cannot be converted back to the original string. One way to attack the password file is to generate all possible cleartext passwords, applying the password hash to each in turn and checking to see if the result matches the password you’re trying to crack. If the hashes match, then the string you used to generate the hash is the original password (or at least, it’s as good as the original password as far as logging in is concerned). In our particular system, passwords can be up to 16 characters long, and there are 96 possible characters at each position. If it takes 1mS to generate the password hash, is this a viable approach to attacking a password? Number of possible passwords is 96^16 and you can solve 1000 a second and putting that to calculator gives us a resounding “NO”

In reply to

@tkoola Continuing with this with the part “How Fast”

My copy of Meyer’s Object Oriented Software Construction has about 1,200 body pages. Assuming no flow control or protocol overhead, about how long would it take to send it over an async 56k baud modem line?

Assuming 1800 characters per page and that character is 8 bits. 56k baud = 7000 characters per second. Put together 1800 * 1500 / 7000 = 385s and then some that is roughly 6 minutes

My binary search algorithm takes about 4.5mS to search a 10,000 entry array, and about 6mS to search 100,000 elements. How long would I expect it to take to search 10,000,000 elements (assuming I have sufficient memory to prevent paging).

Binary search complexity is log(O). From limited set of data it takes 1.5ms more time to process 10 times more items. So, 10,000,000 is roughly 10.5ms with this data

Unix passwords are stored using a one-way hash function: the original string is converted to the ‘encrypted’ password string, which cannot be converted back to the original string. One way to attack the password file is to generate all possible cleartext passwords, applying the password hash to each in turn and checking to see if the result matches the password you’re trying to crack. If the hashes match, then the string you used to generate the hash is the original password (or at least, it’s as good as the original password as far as logging in is concerned). In our particular system, passwords can be up to 16 characters long, and there are 96 possible characters at each position. If it takes 1mS to generate the password hash, is this a viable approach to attacking a password?

Number of possible passwords is 96^16 and you can solve 1000 a second and putting that to calculator gives us a resounding “NO”

2019-12-12 12:22 pm

Embed

Micro.blog

Micro.blog