How long would it take to bruteforce a password that’s 300 random characters on Veracrypt at Serpent–Twofish–AES? – Digitalmunition




Home Forums How long would it take to bruteforce a password that’s 300 random characters on Veracrypt at Serpent–Twofish–AES?

This topic contains 1 reply, has 2 voices, and was last updated by  DrinkMoreCodeMore 4 weeks ago.

  • Author
    Posts
  • #310956

    anonymous
    Participant

    I’m just curious because I have a rar folder I password-protected (then forgot the password) and no matter how long I leave these programs running to crack it, they can’t seem to do it. And that password’s only like 30 characters or so. So if I tried the same thing on a Veracrypt folder, how long would that take? I copied some random pgp key from the internet to use it at the end of a password I remember. I kept the copy of the pgp key hidden so I wouldn’t have the same problem over again.

    Assume you have as many supercomputers as you need or a theoretical quantum computer: how long?

  • #310957

    DrinkMoreCodeMore

    >I copied some random pgp key from the internet to use it at the end of a password I remember.

    There isn’t enough computing power, time, or power on the planet to crack something like that.

    In short, you are fucked.

  • #310958

    zombie042

    For classical computers and cracking of passwords via brute force it comes down to cracking speed, length, and character set is all. The equation is just:

    [Character Set of Password]^[Length] / [Cracking Speed] = [Max Time to Crack]

    So for a simple lowercase password of 8 characters at 10,000 passwords attempts per second it would take:

    26^8 / 10000 = 208827064576 / 10000 = About 242 days at most

    Note that the 10,000 passwords per second can be increased very easily by just throwing more hardware at the problem.

    For your 30 character password, and IF it was just lowercase, the max time at 10,000 per second would end up being about 3.21*10^34 years to brute force (That is 3 with 34 zeros after it!)

  • #310959

    palpitations

    If you were to take the entire mass of the universe and compress it down into a computer with the density of a black hole, operating at theoretical peak efficiency, you could expect that computer to complete approximately 10^229 calculations before it evaporated due to Hawking radiation. *(Kurzweil, Ray (2005). The Singularity is Near. New York: Viking. p. 911.)*

    VeraCrypt has a maximum password length of 128 characters, and PGP keys are Base64, giving you a total key space of 64^128, or around 10^231.

    This means, if you were able to turn the entire universe into a perfectly efficient computer, you’d be able to test… *does a little back of the napkin math*… approximately zero percent of the total key space.

    Note: I’m fucking awful at math and way too tired for this shit. But yeah, it basically isn’t happening, even given essentially unlimited resources and time.

  • #310960

    twystoffer

    If it’s using AES-256 bit encryption, then there isn’t enough cycles on the planet to crack that in a reasonable time.

    A quantum computer, on the other hand, is said to be able to chew through classical digital encryption with little difficulty.

    Although from what I can tell, you’d need a minimum 6681 qubit computer to decrypt aes-256, and we haven’t broken 100 cubits yet.

    So how long? A few decades maybe.

  • #310961

    jabasdaddywhore

    Brute forcing a 12 character WPA2 password takes over 2200+ years, so your chances are good!

    Edit: that’s with 2 x 1080Ti and a 1060 @ 1400kh/s

  • #310962

    Xy74iljxxk

    At least 5 minutes
    /s

  • #310963

    Anonymous

    yes

You must be logged in to reply to this topic.