7/27/2019 Brute Force Cracking Passwords: The Folly

1/3

Brute Force CrackingWhy not pursue this folly?

The following is the first attempt at creating the solution space (ref: (Canter, George), Set Theory)

BitsPerByte

88

The number of bits per byte is a reminder of how large the byte space (8-bit) can be.8

ByteFieldMaxFull 2^BitsPerByte256

To make this calculation possible, we reduce the field to the bare minimum

MaxAlphabets 2626

AllAlphabetCases MaxAlphabets 126

NumericSymbolCount 10

10SpecialCharacterCount 1010

ReducedCharacterSpace AllAlphabetCases NumericSymbolCount SpecialCharacterCount46

ByteFieldMax ReducedCharacterSpace46

PasswordWidth 88

PrecisionDecimals 55

KiloByte 2^10

1024

MegaByte

KiloByte 21 048 576

GigaByte KiloByte 3

1 073 741 824

TeraByte KiloByte 4

1 099 511 627 776

PetaByte KiloByte 5

1 125 899 906 842 624

Time Measurement Units (Eastern Sexagesimal)Minutes 60

60

Hours Minutes 60

3600DayDiurnal Hours 2486 400

YearDiurnal 365.25 DayDiurnal

3.15576 107

CenturyDiurnal YearDiurnal 10^2

3.15576 109

MillenniumDiurnal YearDiurnal 10^3

3.15576 1010

EonMystic YearDiurnal 10^12

3.15576 1019

7/27/2019 Brute Force Cracking Passwords: The Folly

2/3

Nu mber of PasswordsGenerat ed

Generated Number of Passwords

MaxCombinations ByteFieldMax ByteFieldMax PasswordWidth

10520811100800

MaxOrderedPermutations

ByteFieldMax ByteFieldMax PasswordWidth PasswordWidth

424 199 103 584 256 000

Space Required to Store Passwords for Crack

SpaceInGigaBytesForPermutations NMaxOrderedPermutations GigaByte

3.9506620129966736`*^8

ChallengeTime 0.01

0.01

Worst Case Time required

TotalChallengeTime NMaxCombinations ChallengeTime

1.05208111008`*^11

Challenge Time inComputing

ChallengeComputingHours TotalChallengeTime Hours

2.922447528`*^7

4.5882333870912`*^13 computing hours

4.5882333870912`*^13 computing hours

ChallengeComputingYears TotalChallengeTime YearDiurnal

3333.8438603696095`

ChallengeComputingCenturies TotalChallengeTime CenturyDiurnal

33.3384386036961`

ChallengeComputingMillennia TotalChallengeTime MillenniumDiurnal

3.3338438603696097`

ChallengeComputingEons TotalChallengeTime EonMystic

3.33384386036961`*^-9

Calculation Complexity

RefExponent = N[(ByteFieldMax)*PasswordWidth]

368.`

ThetaBase = N[(RefExponent / MaxOrderedPermutations)]

8.675171561905634`*^-16

MaxLinearTheta = N[(ByteFieldMax)!]

5.502622159812089`*^57

ThetaMax = N[(MaxLinearTheta/RefExponent)]

1.4952777608185024`*^55

2 BruteForceCrackDeath.nb

7/27/2019 Brute Force Cracking Passwords: The Folly

3/3

Conclusion

In Conclusion, one must draw that a brute force cracking of any character field is only as good as the field size with

disastrous failings if applied in the sense of combinatrics to the extreme. However, this mathematical understanding is by

no means pointing the weakest link in a password, (the human mind.) Further failing here is by the fact that computers do

not use diurnal or ephemeris or any form of real time, they merely use ticks in the clock-driven model proposed by Von

Nuemann.

The alternative, therefore is to reduce field size as demonstrated above. However, that is the first reduction (that may also

result in error.)

In further work, a dictionary would further impose another limit that would aid in cracking passwords. These can be

further aided by dictionaries empowered by "rainbow-hashes" that make challenges faster. The assumed 0.01 second per

challenge, can be further reduced to 1 millisecond, but not much lesser than that even in extreme ideal scenarios. Even the

idea of a 0.01 second challenge is to first crunch all passwords and thereby render the challenge time as less as possible.

These are "archaic" techniques and may serve as an introduction to the novice as to why indulging in brute force cracking

might never yield results. To further complicate passwords, the field length of the password is just increased therebyreducing the possibility.

This must in no way be confused with the idea of cracking AES or DES keys who have a dependence on the existence of

large, mutually prime numbers that can thereafter be combined with a psuedo-random seed (usually entropy and not a

password) to attempt to strengthen encryption. Unfortunately entropy techniques on many SOHO / Personal Computers

can be replicated far too easily. The "Siren Trojans" (if I may coin such a term) would be a series of programs running in

the background of the OS (perhaps part of the OS itself) that forces entropy convergence and therefore defeats the

randomness of the seed. This of course is for later discussion.

Beta (betasam dot gmail period com)

2013

BruteForceCrackDeath.nb 3