Re: password cracking: one char at a time.
From: Martin Krämer (martin_kraemer2_at_freenet.de)
Date: 11/21/05
- Previous message: Jason T. Hallahan: "Solaris/UNIX Network Performance & Security"
- In reply to: michael young: "password cracking: one char at a time."
- Next in thread: Saqib Ali: "Re: password cracking: one char at a time."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: security-basics@securityfocus.com Date: Mon, 21 Nov 2005 20:10:32 +0100
> Hi all,
> I was wondering if is at all possible to discover a password one
> char at a time.
That's not possible for hashed passwords.
The hash functions are built in a way that similar strings are transformed
to entirely different hashes.
i.e. MD5:
t: b7269fa2508548e4032c455818f1e321
te: 08ee1f3976fd6ce68c21f3500400f8eb
tes: 064ef34b174ff14b43acc2e7dce0c9e7
test: d8e8fca2dc0f896fd7cb4cb0031ba249
All practically used hash functions share this important property and
practically all passwords are stored in a hashed form.
Such a decryption scheme would only work for character-wise encryption
like a Caesar or Vigenere cryptosystem and not on a hash.
Greetings,
Martin Krämer
- application/pgp-signature attachment: stored
- Previous message: Jason T. Hallahan: "Solaris/UNIX Network Performance & Security"
- In reply to: michael young: "password cracking: one char at a time."
- Next in thread: Saqib Ali: "Re: password cracking: one char at a time."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
