http://www.mandylionlabs.com/index15.htm
USE TO ESTIMATE TIME FOR THE MORE DIFFICULT BRUTE FORCE ONLY
(DICTIONARY LOOKUP ATTACKS, WHICH ARE USUALLY TRIED FIRST, TAKE SECONDS
AND GET AN AVERAGE OF 25% OF ALL PASSWORDS)
The only USER INPUT AREA -- insert password parameters here; see tab "How to Use this Calculator" for further detail

Length Sorted by (see "how to use this calculator" tab):    Character Set Size    Entropy or Keyspace of password
Upper Case Letters                                          26                    1
Lower Case Letters                                          26                    1
Numbers                                                     10                    1
Special Characters                                          32                    1
or Purely Random Combo of Alpha/Numeric                     62                    1
or PURELY Random Combo of Alpha/Numeric/Special             94                    1
PHRASE or WORD SUBJECT TO A DICTIONARY ATTACK               5                     1
password length in Characters                               0                     1 or #N/A

./2 Reduce Keyspace Search by Law of Averages
Total Workload in Floating Point Processes                                        1

Average Assigned Workload/Computer
Number of Keys a Desktop Computer Can Try efficiently in an Hour (=2*2^33)        17,179,869,184    17 billion tries in an hour (Very High Performance)
Estimated Gross Number of hours to Crack                                          0.00 hours
On Distributed Level:                                                             0.00 days

If Number of Machines Employed were:
(per distributed.net efficient workload for 1/2 hour is now (2202) 2^33 keyspace search (was 2^28))

      Machines        Time
         10.00        0.00 hours
         50.00        0.00 hours
        100.00        0.00 hours
        250.00        0.00 hours
        500.00        0.00 hours
      1,000.00        0.00 hours
     10,000.00        0.00 hours
    100,000.00        0.00 hours
The red area is the only area of user input. The calculator is organized to give you two ways to enter a
password's composition:
-- the first way is by separately putting in the number of alpha / numeric / special characters in the
   password -- if they are known -- on each of their separate lines (and seeing that the total adds up to
   your total password length); and
-- the 2nd way is just by putting in the total number of positions in the password on either the
   "random combo" alpha/numeric line, or the "random combo" alpha/numeric/special character line if
   special characters are included, or the phrase or word subject to a dictionary attack line.

The result of the two methods can vary widely -- for instance, if I have a password comprised of 4 upper
alphas and 3 numbers and 1 special character, and they were entered separately (making sure the total for
password length read 8), it would show about 14 billion positions in the keyspace and about .43 of an hour,
or about 25 minutes, to get that cracked. If, however, I just put 8 in the random combo field, it would show
in the "gazillions" and would take about 177k hours to crack.

Why the difference? Simple -- the calculator tries to approximate what L0phtcrack algorithms take advantage
of: social engineering, i.e. a propensity to make even supposedly "strong" manually made up passwords easy
to remember, thereby giving the hacker an educated guess on the predictable pattern of just its composition
-- which gives them a tremendous head start on where to start the brute force attack. The logic is: in brute
force mode you are resolved to trying each and every position in the keyspace to find the answer, so why not
start that search in the most likely areas -- i.e. standard policies, repeating characters, patterns, etc.

For instance, the cracking programs rely on the fact that a typical user will probably not start a password
with a special character in the first position but will nearly always put it somewhere near the end of the
space. Therefore you can shave enormous amounts of cracking time with a cracking program that is written to
contemplate this, so that it will not start a brute force guessing attack on a password by assuming a
special character is in the first position. Likewise, a user working within an environment that has a
password composition policy will almost always subconsciously mimic the wording of the policy when they are
trying to comply with it -- i.e. if policy says it must contain at least 8 characters, with at least one of
each of the character sets (alpha upper, alpha lower, numeric, and special characters) represented, users
under that policy will then most likely (and hence the cracking programs will improve their odds of cracking
speed by doing these first) create a password that literally follows that order in the policy -- i.e. an 8
character password that looks like this -- As1%1234 -- where they get their "minimum compliance" with policy
out of the way "up front", then add a suffix with something easy to remember -- 1234.

In essence, these cracking programs go through a protocol of routines or hacking steps from greatest
reward/least effort to finally greatest effort/least reward (i.e. purely random), hoping to get lucky and
snag an answer before they have to go through the entire keyspace.

The following is a good reference on how L0phtcrack uses logic such as this to take educated guesses at
where in the keyspace it should first start looking for a matching pattern.
http://online.securityfocus.com/infocus/1319
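
The arithmetic described above, as an added Python example that is not part of the original worksheet: keyspace is each row's set size raised to its number of positions, halved for the law of averages and divided by the worksheet's 2*2^33 tries per hour. The function names, and the use of Python's string.punctuation for the 32 special characters, are assumptions made for this example; the per-class figure treats the position of each character class as already known, which is how the 14 billion figure above works out.

```python
import string
from collections import Counter
from math import prod

# Character-set sizes taken from the calculator's rows.
SET_SIZE = {"upper": 26, "lower": 26, "digit": 10, "special": 32, "all": 94}
# Tries per desktop per hour on the worksheet: 2 * 2^33 = 17,179,869,184.
KEYS_PER_HOUR = 2 * 2**33


def keyspace(composition):
    """Multiply set_size ** positions over every row that was filled in."""
    return prod(SET_SIZE[row] ** count for row, count in composition.items())


def mean_hours(composition, machines=1):
    """Total workload is keyspace / 2 (law of averages), split across machines."""
    return keyspace(composition) / 2 / (KEYS_PER_HOUR * machines)


def composition_of(password):
    """Count positions per character class, as in the first entry method."""
    classes = (("upper", string.ascii_uppercase), ("lower", string.ascii_lowercase),
               ("digit", string.digits), ("special", string.punctuation))
    counts = Counter()
    for ch in password:
        row = next((name for name, chars in classes if ch in chars), None)
        if row is None:
            raise ValueError(f"{ch!r} is outside the 94 printable characters")
        counts[row] += 1
    return dict(counts)


def compare(password):
    """Return (hours by per-class entry, hours by random-combo entry)."""
    return (mean_hours(composition_of(password)),
            mean_hours({"all": len(password)}))


if __name__ == "__main__":
    # The page's case: 4 upper alphas, 3 numbers, 1 special character.
    page_case = {"upper": 4, "digit": 3, "special": 1}
    print(f"{keyspace(page_case):,} keys, {mean_hours(page_case):.2f} hours")
    print(f"8 random positions: {mean_hours({'all': 8}):,.0f} hours")
    by_class, as_random = compare("As1%1234")
    print(f"As1%1234: {by_class:.3f} h by class vs {as_random:,.0f} h random")
    for n in (10, 50, 100, 250, 500, 1000, 10000, 100000):
        print(f"{n:>7} machines: {mean_hours({'all': 8}, n):,.2f} hours")
```

The policy-shaped password As1%1234 comes out at well under an hour by the per-class method, against roughly 177k hours when the same 8 positions are treated as purely random.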
Mean Time to Brute Force Attack a Key Space worksheet
Definitions

Plain Text
    A series of printable keyboard characters (i.e. like a password)

Password
    A series of printable keyboard characters used to uniquely identify a person or device as having
    authorization to access resources or data or space

Cipher Text
    Plain text which has been encrypted by either encryption software or transparently via the browser,
    operating system or data communications utility. Also see encrypted stream.

Encrypted Stream
    A series of 1 and 0's representing the transmission of encrypted plain text which cannot be decoded
    to arrive back at its plain text equivalent

Hash or One Way Hash
    See Encrypted Stream

Target Cipher Text
    The Encrypted Stream or Cipher text attempting to be decoded (cracked) via comparison with other
    known encrypted streams

Encoding Plain Text
    The process of encoding plain text to cipher text

Keyspace
    The total number of possible comparisons to an encrypted stream

Flops/Megaflops/Gigaflops
    Floating point operations/second -- a measure of a CPU's processing power doing complex calculations;
    Mega is million; Giga is billion. Rule of thumb: most desktop machines now can perform at several
    hundred megaflops/sec, and the high end machines have just recently broken the gigaflop threshold.
    Can only be empirically calculated via benchmark tests, which are performed on all major CPUs and
    results published

Comparisons, Tries or Guesses
    A single attempt at Encoding Plain Text and Comparing the Result to a Target Cipher Text to see if
    they are equal. Rule of thumb: a single attempt is approximately equal to a single floating point
    processing step

Total Workload
    The calculated number of tries necessary to break a given code (keyspace/2)

Average Assigned Workload
    For distributed processing applications, the average portion of the total workload assigned to be
    solved by a particular CPU. Assigned workloads take into account average CPU size and capability,
    average CPU utilization, average time online and available for processing. Current rule of thumb is
    2 to the 33 power for 1/2 hour of computing time per session at less than 10% utilization.

Entropy
    See Keyspace

Code Breaking Accepted Law of Averages
    50/50 Chance -- i.e. a code has an equal chance of being broken anywhere throughout the entire
    Keyspace (i.e. could be on first try or last, but average is 1/2 way through all tries)

                            million                                            1,000,000         1*10^6     6
                             billion                                       1,000,000,000         1*10^9     9
                            trillion                                   1,000,000,000,000         1*10^12   12
                        quadrillion                                1,000,000,000,000,000         1*10^15   15
                         quintillion                           1,000,000,000,000,000,000         1*10^18   18
                          sextillion                       1,000,000,000,000,000,000,000         1*10^21   21
                          septillion                   1,000,000,000,000,000,000,000,000         1*10^24   24
                           octillion               1,000,000,000,000,000,000,000,000,000         1*10^27   27
                          nonillion            1,000,000,000,000,000,000,000,000,000,000         1*10^30   30
                           decillion       1,000,000,000,000,000,000,000,000,000,000,000         1*10^33   33