- security News Forums
- > Crypto tool predicts password cracking t...
- > alternative math
alternative math 16 July 2010 15:50
using only powers of 2 (worst case numbers)
1. keyboardKeyspace = ~ 2 ^ 6 (64 avilable keys, note that 2 ^7 is
128, that is too big)
2. keysPerSecond = 2 ^ 30 (class F 1,000,000,000 Passwords/sec ~ 2
^30)
3. secondsPerYear = 2 ^ 25 (31536000 seconds per year ~ 2 ^ 25)
Then:
years = totalSeconds / secondsPerYear;
totalSeconds = keys / keysPerSecond;
keySpace = entropy * keyboardKeyspace ^ passLength;
where
entropy of password is between ]0, 1[ // not shown how to calculate
passLength user password length
Then:
years = (keySpace / keysPerSecond) / secondsPerYear
= keySpace / (keysPerSecond * secondsPerYear)
= (entropy * keyboardKeyspace ^ passLength) / (keysPerSecond *
secondsPerYear)
Replacing the above constants, for best entropy = 1, we get:
years = (1 * (2 ^ 6)^ passLength) / ( 2 ^ 30 * 2 ^ 25)
= 2^(6 * passLength) / 2 ^ 55
= 2 ^ ( 6 * passLength - 55)
That is for a full random password of 20 chars:
years = 2 ^ ( 6 * 20 - 55) = 2 ^ 65 = 36893488147419103232
- Threaded View
- Flat View
