Brute force attack: Difference between revisions

Browse history interactively ← Previous edit Next edit →Content deleted Content addedVisual WikitextInline

Revision as of 17:56, 17 September 2004 editCompulsion (talk \| contribs)57 edits Changed Plain text to Plaintext← Previous edit		Revision as of 18:20, 17 September 2004 edit undoCharles Matthews (talk \| contribs)Autopatrolled, Administrators360,571 editsm catNext edit →
Line 1:		Line 1:
	In the field information system security a '''brute-force attack''' is a method to determine the ] of an ]. While simple to implement, it is a ] method of attack. A brute-force attack is similar to a ].		In the field of information system security a '''brute-force attack''' is a method to determine the ] of an ]. While simple to implement, it is a ] method of attack. A brute-force attack is similar to a ].

	The implementation of such an attack involves the generation of a series of keys either ]ically or from a predetermined list. The latter is also known as a ]. <!-- IMHO a dictionary attack and a brute-force attack are two separate things. kbh3rd --> The generated keys and the chosen ] are applied to the message to produce a ]. Each passage of ] must be ] to determine if it is a valid and therefore properly decrypted message.		The implementation of such an attack involves the generation of a series of keys either ]ically or from a predetermined list. The latter is also known as a ]. <!-- IMHO a dictionary attack and a brute-force attack are two separate things. kbh3rd --> The generated keys and the chosen ] are applied to the message to produce a ]. Each passage of ] must be ] to determine if it is a valid and therefore properly decrypted message.
Line 12:		Line 12:
	==External links==		==External links==
	* , a successful brute-force challenge project.		* , a successful brute-force challenge project.

			]

Revision as of 18:20, 17 September 2004

In the field of information system security a brute-force attack is a method to determine the decryption key of an encrypted message. While simple to implement, it is a computationally expensive method of attack. A brute-force attack is similar to a Brute-force search.

The implementation of such an attack involves the generation of a series of keys either algorithmically or from a predetermined list. The latter is also known as a dictionary attack. The generated keys and the chosen cipher are applied to the message to produce a plaintext. Each passage of plaintext must be verified to determine if it is a valid and therefore properly decrypted message.

This is an extremely time-consuming task, the effort for which increases exponentially with the size of the key. Cracking a message with a relatively miniscule 6-digit alphanumeric key has $62^{6}$ possible solutions, each of which must be run through the verfication process.

The benefit of a brute-force attack is that, given enough time, the correct key is guaranteed to be found. The relative security of a crytpographic system can be measured by the mean time required to find a key by brute force, and the security of an encrypted message may be expressed as the expected number of years required to thus determine its encryption key. This time decreases with increases in the power of computers. The decreasing cost and increasing power of computing resources has caused the National Institute of Standards and Technology to propose withdrawing the 56-bit-keyed Data Encryption Standard as an encryption standard in 2004.

External links

Project DES, a successful brute-force challenge project.

Category:

Cryptographic attacks

Misplaced Pages