keyze opened this issue on Dec 03, 2011 · 97 posts
Penguinisto posted Tue, 06 December 2011 at 9:24 AM
Heh.
Crypto is a mixed bag; there are basically three ways to pop the cherry, so to speak...
Method #1: Hammering it from the front door is going to take a long time, so long as the passphrase wasn't "12345", or you don't have a supercomputing cluster to throw at the problem. OTOH, there are methods that don't involve testing one password at a time, such as Rainbow Cracking, where you use partially digested hashes as your base table.
Method #2: If you attack the application that encrypted the data, and if there are indeed flaws in that application, the crypto comes apart in very short order. This is what happened with Microsoft's SAM (Security Account Manager) database, which is how most folks' local OS logon passwords are encrypted. It is also why, if someone has physical access to your machine, it's 'game over' in no time at all.
Method #3: If you attack it by process (that is, you look for flaws in the mathematical process used to encrypt the data), and if there are indeed flaws, it can be cracked in relatively short order. Let me give you a small example of that approach here (PDF warning).
As you can see, brute force is only one of many means to get in.
The trade-off is time/effort vs. benefit. If the results aren't worth the time, then it can be considered relatively secure.
This changes as the variables do... for instance, if I were criminally-minded and Blackhearted's little wager netted me full access to a $1m USD bank account, you bet your ass I'd try to break it, but only for as long (and with as much) as I could reasonably spend - especially if netting that same million bucks could be had much easier by doing something else (e.g. steal credit card data from multiple people and recruiting mules to launder the money).
If I were a government, popping the crypto on a rival government's secrets would be well worth throwing millions (if not billions) of dollars into a means to break in, and time is no object.
OTOH, if I wanted to hijack some schmoe's DNS server to make a couple of bucks in a viagra scam, I'm not going to waste too much time trying to crack a FreeBSD/BIND rig that only gives me three tries before locking my IP addy from ever getting in again - I can move on to someone else who is using Windows Server 2008R2 with default settings and a crappy password.
Now... as for "da cloud!!!111!!OAMGBBQWTFPONIES!, patent pending, etc"? Meh - depends on what I get out of it, looking at it from a criminal viewpoint. If it only means downloading some vickie bits on the side or some pr0n, screw that - there's more than enough of both for free out there. If it means stealing some compute time and hiding tracks for a bigger criminal project, okay... but I'd first be lazy about it and go phishing for passwords, or pass around a trojan that logs keystrokes. Breaking crypto comes way, way later, after all the lower-hanging fruit has been picked.
So what were we talking about again? I'm hoping 3d linux fembots with a penchant for evil, but I'll settle for anything that's not yet another 'OAMG teh V5 iz teh appocalypz!' thread... those are getting kinda stale, yanno?
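Added example (not part of the post above, and not code from anyone in this thread), illustrating the defender's side of Method #1: a precomputed table of digests (the idea behind rainbow tables) only pays off when the stored password hashes are unsalted and cheap to compute. The snippet stores passwords both ways and shows that a per-user random salt plus PBKDF2 iteration makes the precomputed table useless and forces one slow guess per password per account. The candidate password list and the tiny lookup table are constructed for the demonstration; the iteration count is an assumption, not a recommendation from the thread.

```python
import hashlib
import hmac
import os

# Constructed sample list of weak passwords; a real precomputed table would
# cover billions of candidates, but the mechanism is the same.
COMMON_PASSWORDS = ["12345", "password", "letmein", "qwerty"]

# Assumed work factor for the salted scheme; tune to your hardware budget.
PBKDF2_ITERATIONS = 100_000


def unsalted_hash(password: str) -> str:
    """The weak scheme: one fast, deterministic digest per password."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def build_lookup_table(candidates):
    """Precompute digest -> password once. Because unsalted_hash is
    deterministic, this table can be reused against every stored hash
    from every system that uses the same scheme."""
    return {unsalted_hash(p): p for p in candidates}


def lookup_in_table(stored_digest: str, table):
    """Recover a password with a single dictionary lookup, no hashing at all."""
    return table.get(stored_digest)


def salted_hash(password: str, salt: bytes) -> bytes:
    """The stronger scheme: a random salt per record plus key stretching.
    The salt prevents precomputation; the iterations make each guess slow."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               PBKDF2_ITERATIONS)


def store_password(password: str):
    """Return (salt, digest) as a server would persist them for one user."""
    salt = os.urandom(16)
    return salt, salted_hash(password, salt)


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Constant-time comparison of a freshly computed digest."""
    return hmac.compare_digest(salted_hash(password, salt), digest)


def table_hits_against_salted_records(records, table) -> int:
    """Count how many salted records a precomputed unsalted table recovers.
    Expected: zero, because the table is keyed on digests of the bare
    password while every stored digest depends on its own salt."""
    return sum(1 for _, digest in records if digest.hex() in table)


if __name__ == "__main__":
    table = build_lookup_table(COMMON_PASSWORDS)
    print("unsalted '12345' recovered:", lookup_in_table(unsalted_hash("12345"), table))
    records = [store_password(p) for p in ("12345", "12345", "password")]
    print("table hits against salted records:", table_hits_against_salted_records(records, table))
    print("same password, same digest?:", records[0][1] == records[1][1])
```

Two users choosing "12345" end up with different stored digests, so even a full compromise of the password database forces the attacker back to one slow guess per account, which is the time-versus-benefit trade-off the post describes. The verification uses hmac.compare_digest so that the comparison itself does not leak timing information.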