Suppose passwords are 8 characters, where a character can be
an upper-case letter, lower-case letter,
digit or special (printable) character.
If there are 32 special characters, then
948 > 252 different passwords
are possible.
Suppose passwords are hashed. Also, suppose there is a
dictionary of 220 passwords and we estimate that
a randomly selected password will be in the dictionary
with probability 1/2.
If we want to crack a single password then
Without using the dictionary, the expected work is about 251
With the dictionary, the expected work is about
1/2 251 + 1/2 219 ≈ 250
If we have a file of 128 password hashes and we would like to
crack any one of these, then
Without using the dictionary, the expected work is about
244
assuming that no salt is used. If the password hashes are salted, then
the work is about 251
With the dictionary, the probability that at least one of the 128
passwords is in the dictionary is
1 - (1/2)128 ≈ 1
So we can neglect the case where none of the passwords
are in the dictionary.
Using the dictionary on this password file,
the expected work factor is
assuming that the hashes are salted.
If the hashes are not salted, we could precompute
the hashes of the entire dictionary (220 hashes)
and amortize this work factor over the number of times
that the attack is used.