Re: brute-force estimation
- From: Paul Rubin <http://phr.cx@xxxxxxxxxxxxxx>
- Date: 22 Feb 2006 02:21:38 -0800
"Elenhil" <elenhil@xxxxxxxxx> writes:
Say, I have a 20 character long password consisting of latin
characters (capital and lower-case), numbers and basic punctuation.
That is roughly 80 symbols to play with.
How many combinations one must look through from 1 to 20 (the exact
length is unknown) with unoptimized brute force?
Call the number X. So
X =
80**1 1-character passwords +
80**2 2-character passwords +
80**3 3-character passwords +
.... +
80**20 20-character passwords
That is:
X = 80**1 + 80**2 + 80**3 + ... + 80**20
So:
80*X = 80**2 + 80**3 + ... + 80**21
which means:
80*X - X = 79*X = 80**21 - 80**1 (all the middle terms cancel out)
which means:
X = (80**21 - 80**1) / 79
= 116751544770313617822784810126582278480
= 1.1675 * 10**38 approx. This is around 2**126, which is plenty.
I'm not a math man myself, but my friend tried to calculate it and
got 3535316142212174320 combinations ( that is 80!/(20!(80-20)), via
a n!/(k!(n-k)! formula where n is the number of symbols and k is
the maximum length of their combination).
That's the wrong calculation--it tells you how many ways you can pull
20 characters out of a bag holding 80 of them.
.
- References:
- brute-force estimation
- From: Elenhil
- brute-force estimation
- Prev by Date: Re: brute-force estimation
- Next by Date: key container name
- Previous by thread: Re: brute-force estimation
- Next by thread: Re: brute-force estimation
- Index(es):
Relevant Pages
|
