Re: Me stupid: lost password for gpg

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Friday 17 December 2004 08:19, Paul Iadonisi <pri.rhl3@xxxxxxxxxxx> wrote:
>   Maybe the new dual Opteron box I just ordered can crack the passwords
> for both our keys. ;-)

I wrote a program to crack keys with a hacked version of gpg (at the point in 
the code where it asks for the pass-phrase my code inserted a loop to go 
through the passwords).  It's ugly but with the recent versions of gpg it 
works reasonably well (I discovered a memory leak whereby gpg would lose a 
couple of hundred bytes every attempt at a pass-phrase).

The program could try over 600 combinations a second on a 2-3yo Athlon giving 
almost 5 digits tested per day if you only use lower-case and digits.  This 
means that a pass-phrase of 6 characters comprising lower-case and digits 
could be reliably cracked in just over a month.  7 characters could be done 
in 3 years with an old Athlon or maybe some reasonable amount of time in a 
dual-Opteron.  8 or more characters would require a large network of 
machines.

Let me know if you want a copy of my code, but be warned, it's really ugly.  
Also it might be possible to optimise things and maybe double the speed if 
you can figure out GPG memory management (I can't).

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux