man, 27.12.2004 kl. 18.01 skrev Russell Coker: > On Friday 17 December 2004 08:19, Paul Iadonisi <pri.rhl3@xxxxxxxxxxx> wrote: > > Maybe the new dual Opteron box I just ordered can crack the passwords > > for both our keys. ;-) > > I wrote a program to crack keys with a hacked version of gpg (at the point in > the code where it asks for the pass-phrase my code inserted a loop to go > through the passwords). It's ugly but with the recent versions of gpg it > works reasonably well (I discovered a memory leak whereby gpg would lose a > couple of hundred bytes every attempt at a pass-phrase). > What if it tried a dictionary first? > The program could try over 600 combinations a second on a 2-3yo Athlon giving > almost 5 digits tested per day if you only use lower-case and digits. This > means that a pass-phrase of 6 characters comprising lower-case and digits > could be reliably cracked in just over a month. 7 characters could be done > in 3 years with an old Athlon or maybe some reasonable amount of time in a > dual-Opteron. 8 or more characters would require a large network of > machines. > > Let me know if you want a copy of my code, but be warned, it's really ugly. > Also it might be possible to optimise things and maybe double the speed if > you can figure out GPG memory management (I can't). > > -- > http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages > http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark > http://www.coker.com.au/postal/ Postal SMTP/POP benchmark > http://www.coker.com.au/~russell/ My home page
