On Sun, Nov 10, 2013 at 01:15:25 CET, John Thoe wrote: > > If you are missing 6 characters, with a standard alphabeth of, say, > > 2x26 chars + 10 digits and 20 special symbols, that would take > > about 300'000'000 tries. As this is plain dm-crypt, a try does > > not take about 1 second but signigicantly less (no iterated > > hashing). No idea how fast this really is, but if programmed right, > > it may be doable in a few days of trying. Of course, you also have > > to recognize when you have the right password, which depends on > > what is in there. "blkid" may help to recognize a filesystem, > > but again I have no idea how fast it is. > > Sorry it was actually dm-crypt with LUKS. I just checked and had no idea > before. That makes it both easier and harder. Easier because the check whether a password matches is now trivial. Harder because LUKS uses iterated hashing. Milan has an example for doing this somewhere in the source package, best use that. Doing it manually with the commandline cryptsetup is possible, but not recommended. It is likely harder than using the example dictionary search tool, and it can use multiple CPUs. > I have generated the possible permutation list. Wouldn't it make sense to > just brute force LUKS with the 100,000 possible combinations or is that a > bad idea? That is actually the only thing you can do. With 100'000 combinations, you can expect this to take something like 100'000 CPU seconds, or roughly 28h on a single CPU. If you do this on an image file of your LUKS container, just copying the first 100MB or so should work fine. > Sorry, I am trying to understand if it is possible to do this or I should > just give up hope. If your 100'000 combinations have the right one in there, then it is not even very hard to do. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. --Tony Hoare _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
