Xref: utzoo rec.games.mud:2790 alt.security:2076 comp.unix.wizards:24664 Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!wuarchive!rex!ukma!dftsrv!hq!mitch From: mitch@hq.af.mil (Mitch Wright) Newsgroups: rec.games.mud,alt.security,comp.unix.wizards Subject: Re: Hacking Message-ID: Date: 3 Apr 91 18:00:37 GMT References: <1991Mar27.041126.9886@news.miami.edu> <1991Mar27.094325.24599@en.ecn.purdue.edu> <1991Apr1.173824.20323@odin.corp.sgi.com> Sender: mitch@hq.hq.af.mil Followup-To: rec.games.mud Organization: Air Force HQ, The Pentagon Lines: 39 In-reply-to: pkr@sgi.com's message of 1 Apr 91 17:38:24 GMT /* * In article <1991Apr1.173824.20323@odin.corp.sgi.com> * pkr@sgi.com (Phil Ronzone) writes: * */ pjnesser@mbunix.mitre.org (Nesser) writes: >>Someone in this thread pointed out that the way to crack passwords is to >>maintain a list of encrypted dictionary words and compare against that. I >>just want to point out that this is an amazingly expensive way to do it >>since you have to keep 4096 strings for each word. Disk space is getting >>cheaper but ... It's not that I've figured out a great way to do it myself >>but ... :-) >Well, assuming 100,000 words of 13 characters each, for each of 4096 >possibilities, that gives us 5,324,800,000 bytes. Now, with the >750MB and 1.2G 5.25" disk drives around, I'd probably have to have >several of the drives, OR, maybe use a smaller dictionary. > >100,000 words is a LOT of words ..... > Though the number is still quite large, you really only need 11 characters each, since it is trivial to know which salt grouping you are looking at. Therefore, we are looking at saving: 5,324,800,000 100,000 x 11 x 4096 = 4,505,600,000 ------------- 819,200,000 bytes There are other techniques that will allow even further compression of the data. You can easily store this on a few 8mm tapes and your off and running. -- ~mitch _______________________________________________________________________________ mitch@hq.af.mil (Mitch Wright) | The Pentagon, 1B1046 | (703) 695-0262 _______________________________________________________________________________