Date: Mon, 17 Feb 1997 13:04:21 -0800
From: Jim Shankland <jas@flyingfox.COM>
To: black@gage.com, jas@flyingfox.COM
Cc: imp@village.org, lithium@cia-g.com, phk@critter.dk.tfs.com, security@freebsd.org
Subject: Re: blowfish passwords in FreeBSD
Message-ID: <199702172104.NAA14500@saguaro.flyingfox.com>
From: Ben Black <black@gage.com>
Date: Mon, 17 Feb 97 14:15:37 -0600
To: Jim Shankland <jas@flyingfox.COM>
Subject: Re: blowfish passwords in FreeBSD
Cc: imp@village.org, phk@critter.dk.tfs.com, lithium@cia-g.com,
security@freebsd.org

[I wrote:]
> Hmm. 2^56 possible keys, so on average, you'd need to try
> 2^55 keys. Say it takes 2^14 seconds (that's a little more
> than three hours, but about right); then this board was doing
> 2^41 encryptions per second, or roughly 2 million per
> microsecond.

Ben Black <black@gage.com> writes:
> he didn't say it averaged 3 hours. he said it took it 3 hours
> on a specific key.

OK. Suppose the machine got very lucky, and happened to hit
the right key after searching only 1/2^15 of the key space.
The chances of getting this lucky are about 1 in 30,000. Then
the machine did 2^41 encryptions in 2^14 seconds, or 2^27 encryptions
per second, or about 128 per microsecond. Still not too shabby, and
I still want to know how much this board costs :-).

It is, of course, always possible to guess the right password the
very first time, thereby cracking the account in well under a second.
This will work even on an old 386 box lying around your lab, and
does not require a card with ASICs. All you need is very good luck :-).
Whether this says anything meaningful about the cryptographic
strength of DES is debatable.

Jim Shankland
Flying Fox Computer Systems, Inc.
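
The arithmetic in this message, as an added example that is not part of the original e-mail: it recomputes the two implied search rates and shows how wide the range of rates is that a single observed crack time supports. The function names, the 95% confidence level and the 16-bit toy simulation are assumptions chosen for illustration.

```python
import random
from fractions import Fraction

DES_KEY_BITS = 56  # from the message: 2^56 possible keys


def implied_rate(seconds, fraction_searched, key_bits=DES_KEY_BITS):
    """Keys tried per second if the hit came after sweeping this fraction of the key space."""
    return Fraction(2) ** key_bits * Fraction(fraction_searched) / seconds


def rate_bounds(seconds, confidence="0.95", key_bits=DES_KEY_BITS):
    """Lowest and highest rate consistent with ONE observed crack time.

    The key's position in the sweep order is uniform, so the fraction searched
    when the key turns up is uniform on (0, 1]; both tails are cut off equally.
    `confidence` is a decimal string or Fraction (assumed default: 95%).
    """
    tail = (1 - Fraction(confidence)) / 2
    return (implied_rate(seconds, tail, key_bits),
            implied_rate(seconds, 1 - tail, key_bits))


def simulate_early_hits(key_bits, fraction, trials, seed=1997):
    """Share of sweeps 0, 1, 2, ... that reach a random key within `fraction` of the space."""
    rng = random.Random(seed)            # fixed seed: constructed, repeatable sample
    space = 1 << key_bits
    limit = int(space * fraction)
    hits = sum(rng.randrange(space) < limit for _ in range(trials))
    return hits / trials


if __name__ == "__main__":
    t = 2 ** 14                          # "a little more than three hours"
    average = implied_rate(t, Fraction(1, 2))        # half the space searched
    lucky = implied_rate(t, Fraction(1, 2 ** 15))    # the 1-in-2^15 lucky case
    low, high = rate_bounds(t)
    print(f"average case: 2^41 = {float(average):.3e} keys/s")
    print(f"lucky case  : 2^27 = {float(lucky):.3e} keys/s")
    print(f"95% range   : {float(low):.3e} .. {float(high):.3e} keys/s "
          f"(factor {float(high / low):.0f})")
    # Toy 16-bit key space: how often does a sweep finish in the first 1/16?
    print("early-hit share:", simulate_early_hits(16, 1 / 16, 20000))
```
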
