Full Disclosure mailing list archives
Re: Comparing Algorithms On The List OfHard-to-brut-force?
From: Andrew Farmer <andfarm () gmail com>
Date: Tue, 1 Nov 2005 10:55:31 -0800
On 01 Nov 05, at 10:11, Brandon Enright wrote:
Brute forcing an algorithm suggests that you are not attacking a weakness or known flaw in the algorithm but rather just running through the keyspace trying to recover the plaintext. In that case, whichever allows you to usethe most bits is what you want.
Note that the encryption speed of an algorithm is *not* a significant factor in the time taken to brute-force it, except for extremely small keyspaces! Remember that the time taken to brute-force an N-bit algorithm that takes K
seconds per encryption is, on average N K * 2which increases much more rapidly with N than it does with K. Adding even one more bit will double the average time taken to brute-force an algorithm, while
using a slower algorithm will only increase the difficulty marginally.Also note that anything beyond 256 bits is silly. Brute-forcing a 256- bit algorithm can be shown to be PHYSICALLY impossible, so there's no reason to
go anywhere beyond that.
Attachment:
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Comparing Algorithms On The List Of Hard-to-brut-force? Bipin Gautam (Nov 01)
- RE: Comparing Algorithms On The List OfHard-to-brut-force? Brandon Enright (Nov 01)
- Re: Comparing Algorithms On The List OfHard-to-brut-force? Andrew Farmer (Nov 01)
- Re: Comparing Algorithms On The List OfHard-to-brut-force? James Longstreet (Nov 01)
- Re: Comparing Algorithms On The List OfHard-to-brut-force? Bipin Gautam (Nov 01)
- RE: Comparing Algorithms On The List OfHard-to-brut-force? Aditya Deshmukh (Nov 01)
- RE: Comparing Algorithms On The List OfHard-to-brut-force? Brandon Enright (Nov 01)