Page 17 of 17 FirstFirst ... 7151617
Results 161 to 170 of 170

Thread: The UVD/UVD2 thread.

  1. #161
    Join Date
    May 2007
    Location
    Third Rock from the Sun
    Posts
    6,587

    Default

    Quote Originally Posted by nanonyme View Post
    For your information 100 000 combos per second is insignificant. We're talking about easily over 91292051633079798989750131910067116342455228306074 83146366674788070551428931526296681935903540008509 26342401 total amount.

    That's right, and to top it off that Cuda cracker is only effective against extremely weak passwords.

    Another great breakdown of real numbers.

    Brute forcing a 256 bits cryptographic code without any known flaws (like WPA2 AES) means that they should test at worst 2^256 keys and average 2^255 (~ 10^76) keys.
    Letís say that they are using a new nVidia GPU with 1000 stream processors running at 10 GHz
    That is 10^13 instructions per second
    Now with their magical software they can check 1 key per instruction.
    So, they can check 10^13 keys per second
    Even with 1 billion of those GPU (10^9) they can "only" calculate 10^22 key per second (.
    At that rate, they need 10^51 seconds which is 10^43 years.
    As a reference, the estimate age of the universe is 10^14 years.

  2. #162
    Join Date
    Nov 2008
    Location
    Germany
    Posts
    5,411

    Default

    Quote Originally Posted by deanjo View Post
    That's right, and to top it off that Cuda cracker is only effective against extremely weak passwords.

    Another great breakdown of real numbers.
    my point is diverend...

    NOW we have 100 000 valid tests per second..

    in 2 monds we have 150 000 valid tests per second becourse of 6 core CPU's

    and 40nm GPUs...

    2010 we have 32nm 12 core CPUs and 32 nm GPUs

    then we have 300 000 valid tests per second per PC unit....

    so if we make a P2P cluster and 1000 Linux users help with 2 PC units...

    we have 1000*2*300000= 600000000 valid tests per second:..

    so we now do this 1 year:

    600000000*365*24*60*60=1,89216^16 valid tests!

    "Brute forcing a 256 bits cryptographic code without any known flaws "

    but in AES there are known flaws!
    Last edited by Qaridarium; 04-23-2009 at 10:31 AM.

  3. #163
    Join Date
    Aug 2008
    Location
    Finland
    Posts
    1,810

    Default

    Quote Originally Posted by Qaridarium View Post
    600000000*365*24*60*60=1,89216^16 valid tests!
    Oh, cool. So it would take only 48247532784267608970568097787748983353656788171230 145158795634555590179630324741547659478604 years to crack an alphanumeric password with spaces with length 60 by bruteforce methods by your calculations with the grid you visioned. You, sir, are a genious.

  4. #164
    Join Date
    Oct 2007
    Location
    Toronto-ish
    Posts
    7,575

    Default

    It's a good thing most companies require strong passwords these days, so users write their passwords down on yellow sticky notes or leave them in clear-text files on the PC.
    Last edited by bridgman; 04-23-2009 at 11:34 AM.

  5. #165
    Join Date
    Aug 2008
    Location
    Finland
    Posts
    1,810

    Default

    Quote Originally Posted by Qaridarium View Post
    but in AES there are known flaws!
    I read the section about cracking AES you read. The first one if I understood just related to factorization which is hard unless someone starts building powerful quantum computers. While my German lacks, I'd say for relative certainty that the German Wiki page says that the second approach is purely theoretical.
    I might quote this thing from English Wikipedia page on timing attack which the Wiki page you talked of mentioned as the latest approach on the problem http://en.wikipedia.org/wiki/Timing_attack
    "Timing attacks are easier to mount if the adversary knows the internals of the hardware implementation, and even more so, the crypto system in use. Since cryptographic security should never depend on the obscurity of either (see security through obscurity, specifically both Shannon's Maxim and Kerchoff's Law), resistance to timing attacks should not either. If nothing else, an exemplar can be purchased and reverse engineered. Timing attacks and other side-channel attacks may also be useful in identifying, or possibly reverse-engineering, a cryptographic algorithm used by some device."
    Meaning someone would need to purposefully reverse-engineer the AMD security implementation to get absolute certainty that the cracking would actually work indefinitely.
    This seems to be one of the reasons for why AMD is so cautious about giving out full hardware specifications of their cards.

  6. #166
    Join Date
    Aug 2008
    Location
    Finland
    Posts
    1,810

    Default

    Quote Originally Posted by bridgman View Post
    It's a good thing most companies require strong passwords these days, so users write their passwords down on yellow sticky notes or leave them in clear-text files on the PC.
    Btw, I expect you are aware of the fact that if there is indeed even a fraction of organized crime behind piracy like media industry claims, someone will eventually reverse-engineer the cards no matter how well the information is guarded.

  7. #167
    Join Date
    Oct 2007
    Location
    Toronto-ish
    Posts
    7,575

    Default

    Quote Originally Posted by nanonyme View Post
    Btw, I expect you are aware of the fact that if there is indeed even a fraction of organized crime behind piracy like media industry claims, someone will eventually reverse-engineer the cards no matter how well the information is guarded.
    I agree completely. If we thought that cracking the graphics card DRM implementation was a viable approach for content piracy we probably would not have been able to provide much support for open source driver development in the first place. If you want to pirate protected media content there are easier ways to do it.

  8. #168
    Join Date
    Nov 2008
    Location
    Germany
    Posts
    5,411

    Default

    Quote Originally Posted by nanonyme View Post
    Oh, cool. So it would take only 48247532784267608970568097787748983353656788171230 145158795634555590179630324741547659478604 years to crack an alphanumeric password with spaces with length 60 by bruteforce methods by your calculations with the grid you visioned. You, sir, are a genious.
    But! AES has known flaws....

  9. #169
    Join Date
    Nov 2008
    Location
    Germany
    Posts
    5,411

    Default

    Quote Originally Posted by bridgman View Post
    It's a good thing most companies require strong passwords these days, so users write their passwords down on yellow sticky notes or leave them in clear-text files on the PC.
    LOL :-) thats a nice idear.. to get a blueray key.

  10. #170
    Join Date
    Sep 2007
    Location
    Paris, France
    Posts
    217

    Default

    Hey guys, for cracking a code for accessing a system, the best way ever made is still to grab a gun and respectfully ask for the password !


    I'm kiding, but not so much. Kevin MITNICK said that the best way ever made was simply to phone and simply ask the password, letting the user believe that it's an IT support call and the password must be confirmed for checking purposes (or any other story that seems true to the employee)...

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •