General brute force attack question
jimoe at sohnen-moe.com
Wed Jun 17 00:28:54 CEST 2015
My understanding of en-/decryption is that there is no indication of
progress toward finding a successful key match of a given encryption.
Only when the key is exactly correct will the encrypted data be revealed.
I have seen numerous TV and movie stories where someone is
frantically attempting to decrypt something and there is a progress
meter to indicate the current degree of success. Every time I see this
I think "That is total BS! It is all or nothing."
Related to this is the oft-repeated request to avoid identifiable
information (initials, birth date, etc.) in a cryptographic key. I
presume this gives an attacker a preferred set of characters to
attempt before moving on to truly random combinations.
Finally, a brute force attack requires potentially billions of
attempts. Obviously this cannot be done by trying the usual log in
screens or prompts; there are delays between attempts, and a limited
number of attempts per some interval. How does an attacker then
perform a brute force attack? Does he cadge a block of encrypted text
and hammer on that until success?
Is this a correct interpretation?
moe dot james at sohnen-moe dot com
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 181 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users