Statistic on password cracking speed needed
Results 1 to 5 of 5

Thread: Statistic on password cracking speed needed

  1. #1

    Statistic on password cracking speed needed

    Hi everyone
    As part of a university assignment, I am in need of statistics on speed of password cracking software (ie number of passwords/second).

    I have googled and searched AO and the most I was able to find was a figure of 15 million/sec on a 1 Ghz machine using a Archive Password recovery tool. For the purposes of what I am writting I am really after statistics relating to operating system password cracking (specifically Windows 2003). Still possibly a stat I could use if nothing else available, but just looking for a little closer to the situation I am writing about.

    Any reference anyone could point me too would be much appreciated.

    Regards

    TG

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    Hi TechGrunt

    Sorry I cannot help too much right now, other than to raise a few questions.

    As you are talking Windows Professional you have a password of a potential 127 characters (the 128th. is a check digit IIRC)

    Now, the speed will depend on the length, so you can crack the old 9x/ME 14 character passes much faster.

    Are you looking at a single machine or multiple machines for the crack?

    I assume that it is dedicated?.............all the stats I have seen assume that, otherwise you are complicating things by sharing resources.

    I suppose that the big question is whether you are using Rainbow Tables or not. If you are just doing a straight comparison against a table set, it is a lot faster than building your brute force on the fly?

    The problem is that the stuff I have got only looks at the complexity of the password and the probable amount of time to crack it. Actual performance times (volumes) are hard to come by...........I guess that reflects the massive improvements in hardware over the past few years?



    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    Hi Nihil
    Not looking for anything too specific here. What I am writing isn't specifically on password security just an element of a larger computer security paper. Ideally what I am after is a stat you would find in a product specification which would specify capabilities of passwords/sec on dedicated maching with XYZ Ghz CPU. I am trying to illustrate the reason for setting reasonable length and complex passwords on a Windows system.

    Regards

    TG

  4. #4
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    Hi TechGrunt

    Are we going to be using precalculated tables or doing it on the fly?..............that will affect speed, as the tables remove the generation step.

    Also, how long will the password be, or would you want that to be a variable (probably steps) like 10 Characters, 15, 20, 25 and so on?

    Another thought I had was single/multiple processors and single/dual cores?



    I am afraid that it is a lot more complicated these days.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  5. #5
    Hi Nihil
    Sadly most things are more complicated these days I suppose.

    The scenarios I proposed in the paper is as follows:
    Windows 2003 Standard Edition
    Pasword length of 7 characters
    Password complexity rules enforced
    Cracking technique of brute force on the fly
    Single processor/core off-the-shelf machine with no special modifications to assist with the task (trying to illustrate the ease at which the technology can be obtained to complete this type of task)

    Any help you can provide much appreciated here

    Regards

    TG

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides