brute-force estimation

Aiya!

Has anyone tried to estimate what amount of efforts it would take to
pick a decent password?

Say, I have a 20 character long password consisting of latin
characters (capital and lower-case), numbers and basic punctuation.
That is roughly 80 symbols to play with.

How many combinations one must look through from 1 to 20 (the exact
length is unknown) with unoptimized brute force?

I'm not a math man myself, but my friend tried to calculate it and
got 3535316142212174320 combinations ( that is 80!/(20!(80-20)), via
a n!/(k!(n-k)! formula where n is the number of symbols and k is
the maximum length of their combination).

Whether it is correct or no (on which I would also like you to
comment), I'm curious about the use of such calculation. One could
try to calculate what amount of time it would take for a
supercomputer to pick a password of given length and complexity.
Say, a certain modern supercomputer can execute 64 trillion
instructions per second (or so I've heard in the news). I've also
heard that a supercomputer can perform brute-force search with 33%
efficiency. That is three instructions per combination. If that is
correct, then such a supercomputer could pick my 20-long combination
of 80 characters in about 46 hours without even without any
brute-force search optimization!

I would like you people to comment on that. And if we could come up
with correct fogures, there might be a use for them: given the
estimated rate of supercomputer performance growth (there's a
comparison table for SCs from 1940s to 2005) one could calculate how
long and complex a password should be so that it could not be picked
in the next, say, 50 years even by the most advanced supercomputer.
That would be a well-reasoned estimation for a safe password length.
Wouldn't that be useful?


Boris

: malle teera lende nuumenna · ilya sii maller raice :

.

Relevant Pages

  • Re: brute-force estimation
    ... characters, numbers and basic punctuation. ... supercomputer to pick a password of given length and complexity. ... with correct fogures, there might be a use for them: ... estimated rate of supercomputer performance growth (there's a ...
    (sci.crypt)
  • Re: Add spaces for specific fields to paste in
    ... You need to concatenate the 3 cells, with the stipulation that the first value contains 19 characters, the second contains 12 characters, and the third contains 6. ... Amount: [the negative sign goes afterwards and no decimal point is ... order for the pasting to line up in the proper fields. ...
    (microsoft.public.excel.misc)
  • Re: Newbie data size encryption questions
    ... amount of data that I can encrypt without the system being insecure? ... For example, if i wanted to encrypts strings of say 5 or 10 characters, ... it is easier to decrypt a large amount of data. ...
    (sci.crypt)
  • Re: how to setup word/access text tables with large volumes of text
    ... graphics, names of characters, interactions between characters, anything ... >for each character and each cell would contain a large amount of text. ... Info storede would include large amounts of text or ...
    (microsoft.public.access.tablesdbdesign)
  • Re: Help with rather simple method
    ... # 'string' is the String to perform the replacing on. ... # 'amount' is the amount of different characters to replace. ... The solution I've come up with does not feel Ruby-ish at all and could probably be implemented in pretty much any other programming language. ...
    (comp.lang.ruby)