spektormax Posted January 16, 2007 Share Posted January 16, 2007 ok. first of all specs back in the house... so heres my idea, for those of you that don't know the MD5 algarithum front and back go to wikipedia, theres a great aretical, alternitavly you could go look at the rfc for MD5 but its not pritty AT ALL. So, those of you that are well firmiluare with MD5, you know that esencialy you are reducing a 512 bit (well 448) block to a 128 bit block thru 4 rounds of 16. In the MD5 algarithum you take the password and cut it up into 512 bit chuncks. THen, add a 1 and pad with NULLS till the length is 448%512. THen you add a 64-bit big edine to the end of the Block. Then you break it up into 16 32-bit little eddines. You then perform functions f,g,h, and i on ABCD and then rotate.(im over simplifing it but if you know what im talking about this is enough). Now, the MD5 algarithum was invented for more of an integready check algarithum for large files (greater than 1 MEG) that have alot of Blocks. Now the problem is that if you just do 512bit to 128 bit (forget about all the padding), thats a 4-1 reduction. Thats a 2^4 or 16 collisions (not that many, that means you ahve to go thru a full 2^128 passwords to theoreticly get 1 probable colision. If you do 2 Blocks, a 1KB file, its 2^4^2 or 256 collisions, that means that treated as a 1kb pass you have to do only 2^64th passwords to get a probbable colion because of 16-1 reduction. At 4KB you get 65535 collions and, at 8 its 2^32... now granted that these passwords are longer, and therefore ar equal in the number of crack cycles since a 1meg file=a 512 bit file in crackign puprosed (we are tallking megabits and kilabits). This causes the algarithum to work worse the bigger the Block number is. If you have a say 100meg file you have a HUGE number of collision, now granted that you still have the same number of crack sycles to get a collions, evnetialy the collions reach infinity, and the probablty of getting a collisoin of the nth attempt aprochase 100%. This makes shorter password thoereticly harder to crack. Asuming the averge password is under 14 char, you get 8bits*14char, or 112 non zero bits. That leaves 336 bits of zeros, next you have an automatic 1 at the 448th bit, so thasts 337 bits you know, Next, 7 bits of the 64-bits of the big eddine are used to give the bit length of a 14 char password (112<128). So that means taht you have 57 more known bits + the 337 gives you 394 known bits, and 118 that you have to calculate. Now asmuning that you have the 7 that are random, you have those 112 that can be attacked burte forcefully, and the other 7 can jsut be compiled thru the bruteforce. So we got back to 256^14 combinations thats alot, Lets start haking away at the ascii table, throw away all ther extended ascii since its not on the keyboard and most places that use MD5 (web forums likehak5( don't allow them. THats only 128^14, take out the first 32 numbers because you cant have say a new line char in your password. Thats 96^14, take away sybles tahts only 64^14 now thats still a CRAP load of collisons, but far better than 2^512 possibities. And its only 1/4 of that since probaility sates that tis a 4-1 reduction so there are 4 512 blocks for ever 128 bit hash. Now MD5 beats DES any day since DES is first of all all upercase so its only 2^36^7*2, so its VERY easy to crack. So in short MD5 collisons are MUCH faster to callculate then say MDCRACK can becasue of this fact, you take a chance on a ,001% of passwords but hey 1 hour vs 12 years for 99.9% of passwords any day. Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.