Giuseppe: security - Password strength checkers that take into account Moore's Law? -

Friday 15 April 2011

security - Password strength checkers that take into account Moore's Law? -

I was about to change my annual password on my accounts and to try different sites (Microsoft, Endeps, Etc.) tried some empirical fictional passwords Some sites seem to be a bit more deeper in comparison to other sites in evaluating the power of passwords, but this made me wonder if any site Moors would keep in mind the law. That's it, about one Hears that "it would take 130,000 years to crack the password X", but it takes into account that the computer can be doubled in speed every two years?

I would be really curious to see if these sites lead to this account, or if there is a site that someone can suggest?

None of these calculations actually take law into account law. But we see why we can show why we do not have it:
Moore's law states that the power of processing will be doubled in every 18 months (but not for our purposes Is enough)
So this means that today, 130 years, it will be 65 years in 18 months. And 32.5k in 36 months, and so on, and so on.
We can come up with an equation for that!
Price-time-time = cost- today * 0.5 ^ (month / 18) So today the cost of plugging, we can see this good (X is the year): y = 130000 * .5 ^ (x / 1.5) So, let's see that in our 50 years of 130k years What will be our cost for password: y = 130000 * .5 ^ (50 / 1.5) y = 130000 * .5 ^ 33.3333 y = 0.000012 years (~ 6.3 minutes) It's very fast! How about 10 years? Y = 130000 * .5 ^ (10 / 1.5) y = 130000 * .5 ^ 15 y = 1279 years it is still very strong It is ... However. It also remembers the point of tunable algorithms, such as the bibliographies and scripts that are designed to be able to defeat Moore's law. So if you use a script, script or PBKDF2, and tuning the cost, then it is a constant time, your password which today is cracked for 130k years (estimated), now It will also take 130 years to crack in 50 years. Now, of course, the matter is not resolved where an attacker is stealing the password hash today, and attacks him in the next 50 years ... but I have to ask what your password is Would that a crypto-stupid attempt to attack next 50 years?

Posted by Unknown at 03:22 Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest

No comments: Post a Comment

Newer Post Older Post Home Subscribe to: Post Comments (Atom)

About Me Unknown View my complete profile Blog Archive ► 2015 (1886) ► September (203) ► August (208) ► July (224) ► June (210) ► May (230) ► April (195) ► March (209) ► February (201) ► January (206) ► 2014 (2117) ► September (239) ► August (251) ► July (226) ► June (208) ► May (229) ► April (199) ► March (255) ► February (275) ► January (235) ► 2013 (2011) ► September (199) ► August (228) ► July (210) ► June (222) ► May (217) ► April (229) ► March (243) ► February (221) ► January (242) ► 2012 (1993) ► September (227) ► August (235) ► July (225) ► June (206) ► May (221) ► April (216) ► March (206) ► February (227) ► January (230) ▼ 2011 (1964) ► September (220) ► August (222) ► July (219) ► June (224) ► May (219) ▼ April (206) c - test if strstr return a valid pointer - wpf - Visual Tree Finder is returning null while s... Outputing backslash in a C++ macro - image - Is there a equivalent of Android's BitmapF... Generating really big Java code - backbone.js - Should all Backbone on/off events be... PHP, regex, and capitalization - About javascript function - resources - Java closing/cleaning up - Creating a startup daemon for a shell script in Fr... android - How to pass a Parcelable Extra to anothe... twitter - PHP foreach how to access variable outsi... ruby on rails - How to set attribute from code and... facebook graph api - FQL does not return all news ... Hiding my rails div using JS - python - xlwt write excel sheet on the fly - Combining two regular expressions in boost regex - c++ - Visual Studios (2012 pro mainly) file locati... sql - Is it possible to rollback create_all in sql... C# Acces functions within methods - WordPress Custom Post Type and Custom Template - git - How to remove all remote tracking branches t... How to display all columns associated with duplica... Regex for Valid Email address or Valid alpha numer... perl - regex with variable part - html - How to view your site with internet explore... using map in python 3 - IOS In App Purchase: can I let the user buy again ... c# - Input text control disappears on postback - java - Recalling an Int from a method? - c - Having trouble using if statement with for loo... c# - Fetching row from SQLite database consumes 10... ios - Sort an NSArray of NSString by ignoring spac... java - whats wrong with this code? - python - 'variable' or 'variable is not None' - c++ - Subtracting two chars and adding them to a s... paperjs - Hit test with a radius on a point - c# - How to Convert ListView to Datatable in WPF? - jquery - having trouble convert getJSON data to mo... mysql - GROUP BY DAY(FROM_UNIXTIME) unexpectedly c... CodeIgniter redirect to another function when requ... python - Using Property to duck type two models - c# - How to see the files of WorkingDirectory of Q... c# - Getting a singleton instance using SimpleInje... Eliminating part of arrays in matlab - how to add a dynamic date filter to Access report - r - Shiny Binary Check boxes - standards - Does the top-level value in JSON have ... asp.net - jQuery: adding a class to child elements... php - Array_Push AutoComplete - Java: read bytes from a utf-8 file - jquery - Placing image in front of background - linux - Fastest way to create animated gifs from m... asp.net mvc - RESTful application - django - Building REST APIs for python - mysql - PHP Array comes out backwards - semantic web - SPARQL - learning by example - python - Speed up feedparser - payment gateway - PayPal API - accept a credit car... python - How to fix the "'str' object has no attri... c# - Show all null fields in a IEnumerable query - php - removing \n from a string retrieved from DB - transition - jQuery animate scroll to ID using eas... asp.net - 2 Modal Popups - properties being switch... I need a shorter access to my jQuery Plugin methods - performance - Is branch divergence really so bad? - oracle - oracle11g sql: Warning: Type created with... php - Retrieving combo box value - java - Combining array indexes - git, trying to pull a specific commit from remote,... javascript - Disable Horizontal Scrolling on Mobil... jquery - Why is one number valid json? - alignment - Trying to use jQuery to horizontally d... javascript - recognizing actions on an iframe - python - Script crashes if type wrong or nothing - r - closing unused RODBC handle - Need to push all JSON into an array from AJAX, in ... Grails Resources render resources for disposition ... ajax - Partial View Submit inside Parent View MVC ... mysql - SQL - Get highest and lowest record - html - Simple/Best way to load Web App as Windows ... Java - Apache POI - Trouble filling rows and cells... android - Best way to create multi-platform mobile... ios - Detect the presence of nonbreaking space in ... python - Puzzling "'tuple' object does not support... osx - Long commands wrapping in terminal - HTML Popup Form Without Involving Address - javascript - Display a pop-up on radio button click - iphone - How to autoscroll image by image? - Azure: Output not as expected in Blob Write - javascript - using .wrapInner instead of .show() - android - is there Backgroundworker for java ( lik... javascript - Using $scope functions from a differe... version - Force new install instead of upgrade in ... html - Increase the height of DIV with jQuery anim... iphone - Exchange data between iOS app and Mac app... internet explorer - IE9 download issue php pdf and... convert doc to html by php script - matlab - Histogram of lengths (or anything else ph... command line - Print which of a list of input term... ► March (216) ► February (221) ► January (217) ► 2010 (1952) ► September (230) ► August (202) ► July (221) ► June (207) ► May (213) ► April (199) ► March (234) ► February (244) ► January (202)

Powered by Blogger.