Math of Password Cracking
- Suppose passwords are 8 characters, where a character can be
  an upper-case letter, lower-case letter,
  digit or special (printable) character.
  If there are 32 special characters, then there are
  $94^8 > 2^{52}$ different passwords.
- Suppose passwords are hashed. Also, suppose there is a
  dictionary of $2^{20}$ passwords and we estimate that
  a randomly selected password will be in the dictionary
  with probability 1/2.
- If we want to crack a single password then
  - Without using the dictionary, the expected work is about $2^{51}$
  - With the dictionary, the expected work is about
    $\frac{1}{2} \cdot 2^{51} + \frac{1}{2} \cdot 2^{19} \approx 2^{50}$
- If we have a file of 128 password hashes and we would like to
  crack any one of these, then
  - Without using the dictionary, the expected work is about
    assuming that no salt is used. If the password hashes are salted, then
    the work is about $2^{51}$
  - With the dictionary, the probability that at least one of the 128
    passwords is in the dictionary is
    $1 - (1/2)^{128} \approx 1$
    So we can neglect the case where none of the passwords
    are in the dictionary.
    Using the dictionary on this password file,
    the expected work factor is
    $$\frac{1}{2} \cdot 2^{19} + \frac{1}{2^2}\left(2^{20} + 2^{19}\right) + \frac{1}{2^3}\left(2 \cdot 2^{20} + 2^{19}\right) + \cdots + \frac{1}{2^{128}}\left(127 \cdot 2^{20} + 2^{19}\right) = 6 \cdot 2^{18}$$
    assuming that the hashes are salted.
    If the hashes are not salted, we could precompute
    the hashes of the entire dictionary ($2^{20}$ hashes)
    and amortize this work factor over the number of times
    that the attack is used.
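
The expected-work figures above, carried through with exact fractions as an added example (not part of the original page). Function and parameter names are illustrative, the keyspace is taken as the page's bound $2^{52}$, and the closed form $D(q/p + 1/2)$ is the limit of the page's series as the number of hashes grows.

```python
from fractions import Fraction

def single_password_work(keyspace, dict_size, p_in_dict):
    """Expected hashes to crack one password, following the page's model:
    a dictionary hit costs dict_size/2 on average, a miss costs keyspace/2
    (the wasted dictionary pass on a miss is neglected, as on the page)."""
    p = Fraction(p_in_dict)
    return p * Fraction(dict_size, 2) + (1 - p) * Fraction(keyspace, 2)

def p_any_in_dictionary(n_hashes, p_in_dict):
    """Probability that at least one of n independent passwords is in the dictionary."""
    return 1 - (1 - Fraction(p_in_dict)) ** n_hashes

def salted_file_dictionary_work(n_hashes, dict_size, p_in_dict):
    """Expected hashes to crack any one of n salted hashes with the dictionary.
    Salting forces a fresh dictionary pass per hash, so a first hit on hash k
    costs (k-1) full passes plus half a pass; the no-hit case is neglected."""
    p = Fraction(p_in_dict)
    q = 1 - p
    return sum(q ** (k - 1) * p * ((k - 1) * dict_size + Fraction(dict_size, 2))
               for k in range(1, n_hashes + 1))

def salted_file_limit(dict_size, p_in_dict):
    """Closed form of the same series as n grows without bound: D * (q/p + 1/2)."""
    p = Fraction(p_in_dict)
    return dict_size * ((1 - p) / p + Fraction(1, 2))

if __name__ == "__main__":
    # The page's figures: keyspace bound, dictionary size, file size, hit probability.
    N, D, n, p = 2**52, 2**20, 128, Fraction(1, 2)
    print("single, with dictionary:", float(single_password_work(N, D, p)))
    print("P(at least one in dict):", float(p_any_in_dictionary(n, p)))
    print("salted file, 128 terms :", float(salted_file_dictionary_work(n, D, p)))
    print("closed form 6 * 2^18   :", float(salted_file_limit(D, p)))
    # A weaker dictionary (constructed value p = 1/4) raises the salted-file cost.
    print("closed form, p = 1/4   :", float(salted_file_limit(D, Fraction(1, 4))))
```

The 128-term sum falls short of $6 \cdot 2^{18}$ by less than $2^{-100}$, which is why the page can write it as an equality.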