Announcement

Collapse
No announcement yet.

The UVD/UVD2 thread.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Originally posted by nanonyme View Post
    For your information 100 000 combos per second is insignificant. We're talking about easily over 91292051633079798989750131910067116342455228306074 83146366674788070551428931526296681935903540008509 26342401 total amount.

    That's right, and to top it off that Cuda cracker is only effective against extremely weak passwords.

    Another great breakdown of real numbers.

    Brute forcing a 256 bits cryptographic code without any known flaws (like WPA2 AES) means that they should test at worst 2^256 keys and average 2^255 (~ 10^76) keys.
    Letís say that they are using a new nVidia GPU with 1000 stream processors running at 10 GHz
    That is 10^13 instructions per second
    Now with their magical software they can check 1 key per instruction.
    So, they can check 10^13 keys per second
    Even with 1 billion of those GPU (10^9) they can "only" calculate 10^22 key per second (.
    At that rate, they need 10^51 seconds which is 10^43 years.
    As a reference, the estimate age of the universe is 10^14 years.

    Comment


    • Originally posted by deanjo View Post
      That's right, and to top it off that Cuda cracker is only effective against extremely weak passwords.

      Another great breakdown of real numbers.
      my point is diverend...

      NOW we have 100 000 valid tests per second..

      in 2 monds we have 150 000 valid tests per second becourse of 6 core CPU's

      and 40nm GPUs...

      2010 we have 32nm 12 core CPUs and 32 nm GPUs

      then we have 300 000 valid tests per second per PC unit....

      so if we make a P2P cluster and 1000 Linux users help with 2 PC units...

      we have 1000*2*300000= 600000000 valid tests per second:..

      so we now do this 1 year:

      600000000*365*24*60*60=1,89216^16 valid tests!

      "Brute forcing a 256 bits cryptographic code without any known flaws "

      but in AES there are known flaws!
      Last edited by Qaridarium; 04-23-2009, 09:31 AM.

      Comment


      • Originally posted by Qaridarium View Post
        600000000*365*24*60*60=1,89216^16 valid tests!
        Oh, cool. So it would take only 48247532784267608970568097787748983353656788171230 145158795634555590179630324741547659478604 years to crack an alphanumeric password with spaces with length 60 by bruteforce methods by your calculations with the grid you visioned. You, sir, are a genious.

        Comment


        • It's a good thing most companies require strong passwords these days, so users write their passwords down on yellow sticky notes or leave them in clear-text files on the PC.
          Last edited by bridgman; 04-23-2009, 10:34 AM.

          Comment


          • Originally posted by Qaridarium View Post
            but in AES there are known flaws!
            I read the section about cracking AES you read. The first one if I understood just related to factorization which is hard unless someone starts building powerful quantum computers. While my German lacks, I'd say for relative certainty that the German Wiki page says that the second approach is purely theoretical.
            I might quote this thing from English Wikipedia page on timing attack which the Wiki page you talked of mentioned as the latest approach on the problem http://en.wikipedia.org/wiki/Timing_attack
            "Timing attacks are easier to mount if the adversary knows the internals of the hardware implementation, and even more so, the crypto system in use. Since cryptographic security should never depend on the obscurity of either (see security through obscurity, specifically both Shannon's Maxim and Kerchoff's Law), resistance to timing attacks should not either. If nothing else, an exemplar can be purchased and reverse engineered. Timing attacks and other side-channel attacks may also be useful in identifying, or possibly reverse-engineering, a cryptographic algorithm used by some device."
            Meaning someone would need to purposefully reverse-engineer the AMD security implementation to get absolute certainty that the cracking would actually work indefinitely.
            This seems to be one of the reasons for why AMD is so cautious about giving out full hardware specifications of their cards.

            Comment


            • Originally posted by bridgman View Post
              It's a good thing most companies require strong passwords these days, so users write their passwords down on yellow sticky notes or leave them in clear-text files on the PC.
              Btw, I expect you are aware of the fact that if there is indeed even a fraction of organized crime behind piracy like media industry claims, someone will eventually reverse-engineer the cards no matter how well the information is guarded.

              Comment


              • Originally posted by nanonyme View Post
                Btw, I expect you are aware of the fact that if there is indeed even a fraction of organized crime behind piracy like media industry claims, someone will eventually reverse-engineer the cards no matter how well the information is guarded.
                I agree completely. If we thought that cracking the graphics card DRM implementation was a viable approach for content piracy we probably would not have been able to provide much support for open source driver development in the first place. If you want to pirate protected media content there are easier ways to do it.

                Comment


                • Originally posted by nanonyme View Post
                  Oh, cool. So it would take only 48247532784267608970568097787748983353656788171230 145158795634555590179630324741547659478604 years to crack an alphanumeric password with spaces with length 60 by bruteforce methods by your calculations with the grid you visioned. You, sir, are a genious.
                  But! AES has known flaws....

                  Comment


                  • Originally posted by bridgman View Post
                    It's a good thing most companies require strong passwords these days, so users write their passwords down on yellow sticky notes or leave them in clear-text files on the PC.
                    LOL :-) thats a nice idear.. to get a blueray key.

                    Comment


                    • Hey guys, for cracking a code for accessing a system, the best way ever made is still to grab a gun and respectfully ask for the password !


                      I'm kiding, but not so much. Kevin MITNICK said that the best way ever made was simply to phone and simply ask the password, letting the user believe that it's an IT support call and the password must be confirmed for checking purposes (or any other story that seems true to the employee)...

                      Comment

                      Working...
                      X