Re: Cost of a brute force attack
From: Kev (kev_at_novercia.f9.co.uk)
Date: 10/03/04
- Next message: Paul Rubin: "Re: new /dev/random"
- Previous message: Paul Rubin: "Re: Diffie Hellman to generate Symmetric key"
- In reply to: jaf: "Cost of a brute force attack"
- Next in thread: Kelsey Bjarnason: "Re: Cost of a brute force attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 3 Oct 2004 14:48:27 -0700
jaf <jaffy1229@yahoo.co.uk> wrote in message news:<h58tl01hu6udui5mdqun92aimckrd23nf8@4ax.com>...
> Hi,
>
> I was wondering how much it would cost to brute force 256bit Blowfish
> encryption?
That 256-bit key used by Blowfish might simply be the SHA-256 hash of
a password with only 60 bits of entropy. If you can brute force the
pre-hash password/passphrase, it makes no difference whether the
post-hash key is 128, 256, or 448 bits - it could still fall to a
brute force attack.
But anyone that serious about breaking your 256-bit Blowfish won't
bother with brute force. An in-situ side-channel attack such as memory
sniffing is much more likely to yield results, and won't cost the
earth either.
- Next message: Paul Rubin: "Re: new /dev/random"
- Previous message: Paul Rubin: "Re: Diffie Hellman to generate Symmetric key"
- In reply to: jaf: "Cost of a brute force attack"
- Next in thread: Kelsey Bjarnason: "Re: Cost of a brute force attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
