Topic: https://webscale.plumbing/one-password-cracking-challenge-part-1
hide preview

What's next? verify your email address for reply notifications!

unverified 5y, 219d ago

You should be... embarrassed to have published this analysis.

(a) If you're considering spending $175k on AWS hours, you'd probably have buying a few $15k servers outright as an option.

(b) The password dictionary problem is about permutations, not combinations. If the password consists of three words without repetition, and you divide the original wordlist such that those three words are not in the same 250-word partial list, you will never crack the password even after spending $400k.

remark link
hide preview

What's next? verify your email address for reply notifications!

s02HG8mh 5y, 207d ago

I respectfully disagree. This is a "negative finding" and doing the analysis actually prevented me from pursing what would have been a more expensive idea. I was actually pretty happy that I had an idea and instead of just doing it, being able to calculate how much better or worse it would be.

The pricing of $175k in AWS is just that. I would not spend $175k to win a $12k contest. As is, the contest is not really profitable for someone who doesn't already have their own hardware.

One point on b) - the choosing of a 250-word partial list would choose a different list each time (or mostly different, depending on the random generator). So there would be 950,000 different lists of 250 words and one of these would most likely (90%) contain the three words in a passphrase. But this idea ended up being what my calculation showed was very expensive.

One other bonus is I got to use this blog post as a chance to figure out how to use LaTeX math stuff in a Pelican blog.

So all in all I'm quite happy with the result.

hide preview

What's next? verify your email address for reply notifications!

russell 5y, 186d ago

My gut reaction was also using spot instances. Very cool write up!

hide preview

What's next? verify your email address for reply notifications!