Not sure why but krylacks brute force speed is dire for known simple algorithms like PKZIP look at their zip password cracker that back in the day when I was still using win98 on an AMD sempron 64 3400+ it was managing in the order of tens of millions attempts per second and that was considered as "usable" for brute forcing zip, RAR and ARJ are considerably slower and was not considered usable for all but dictionary attacks and known plain text attacks. It calculates the total possible ways you can select r unique symbols out of n unique symbols WITHOUT REGARD TO ORDER and using each possible symbol ONLY ONCE: ab & ba only count once and aa & bb are not allowed.Ī bit of a difference! To paraphrase George Orwell - They are all big but some are bigger than others. N!/(n-3)! = n(n-1)(n-2) = n(n-1)(n-2)Ī bit of a difference! To paraphrase George Orwell - They are all big but some are bigger than others.
Note: For those not remembering their math: no reuse of symbols but order is significantįor the 2nd symbol you can only choose 1 of the remaining n-1 symbols so there are n(n-1), possibilities.įor the 3rd symbol you can only choose 1 of the remaining n-2 symbols so there are n(n-1)(n-2), possibilities.ĭivide by the number of possible ways you can rearrange the r selected symbols to remove the significance of their order (= r!). To understand the math follow these scenario:įor the 1st symbol you can choose 1 of n symbolsįor the 2nd symbol you can still choose 1 of n symbols so there are n squared (n^2), possibilitiesįor the 3nd symbol you can still choose 1 of n symbols so there are n cubed (n^3), possibilities The number of unique possible strings while accounting for unique symbol order is but this still only uses each symbol once.įor passwords which can reuse symbols the correct formula is r^n (r raised to the nth power). It calculates the total possible ways you can select r unique symbols out of n unique symbols WITHOUT REGARD TO ORDER and using each possible symbol ONLY ONCE: ab & ba only count once and aa & bb are not allowed. Sorry OldScotty (#16) but the formula is not applicable to passwords and can be orders of magnitude too low.
0 kommentar(er)
