General brute force attack question

James Moe jimoe at sohnen-moe.com
Wed Jun 17 00:28:54 CEST 2015


Hello,
  My understanding of en-/decryption is that there is no indication of
progress toward finding a successful key match of a given encryption.
Only when the key is exactly correct will the encrypted data be revealed.
  I have seen numerous TV and movie stories where someone is
frantically attempting to decrypt something and there is a progress
meter to indicate the current degree of success. Every time I see this
I think "That is total BS! It is all or nothing."
  Related to this is the oft-repeated request to avoid identifiable
information (initials, birth date, etc.) in a cryptographic key. I
presume this gives an attacker a preferred set of characters to
attempt before moving on to truly random combinations.
  Finally, a brute force attack requires potentially billions of
attempts. Obviously this cannot be done by trying the usual log in
screens or prompts; there are delays between attempts, and a limited
number of attempts per some interval. How does an attacker then
perform a brute force attack? Does he cadge a block of encrypted text
and hammer on that until success?

  Is this a correct interpretation?

-- 
James Moe
moe dot james at sohnen-moe dot com
520.743.3936

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20150616/e6dc2121/attachment.sig>


More information about the Gnupg-users mailing list