howtogeek — 2013-07-06T06:42:02-04:00 — #1
Originally published at: http://www.howtogeek.com/166832/brute-force-attacks-explained-how-all-encryption-is-vulnerable/
Brute-force attacks are fairly simple to understand, but difficult to protect against. Encryption is math, and as computers become faster at math, they become faster at trying all the solutions and seeing which one fits.
ruja — 2013-07-06T07:25:50-04:00 — #2
Third bullet at the end of the article: "Use strong encryption algorithms, such as SHA-512." SHA-512 is a hash algorithm, that is, it cannot be reverted, and as such, it cannot be used for encryption, as you won't be able to get back your decrypted data.
A strong encryption algorithm is AES-256. It is the encryption method used by the US Government for TOP SECRET information. You can use 7-Zip to compress any file to 7Z format and encrypt it with AES-256.
nsdcars5 — 2013-07-06T09:31:45-04:00 — #3
I have the best reason as to why I don't encrypt everything I have on my laptop:
There's nothing on my laptop that can't be downloaded.
This, whatever the article title might suggest, is not vulnerable.
bigtech — 2013-07-06T11:40:23-04:00 — #4
Password and such are not security as much as they are a test of determination. Any system can be broken (because ruber hose reverse-cryptography is still an option.).
That's basically very simple. FInd the person who has the data you need to crack the encryption.
Tie them down.
Briskly apply a rubber hose to the soles of their feet 10 times.
Ask for key.
Repeat steps 3 and 4 until information is provided.
cnavigator — 2013-07-06T11:52:53-04:00 — #5
What about keyfiles, for example Keepass database keyfiles? They provide users something to authenticate with, wouldn't that protect against brute force attacks (in case the attacker has no access to the keyfile).
localhost — 2013-07-06T13:28:25-04:00 — #6
I believe you're taking about this:
ahmed_el_qader — 2013-07-06T14:49:21-04:00 — #7
can someone explain why the GPU is the most effective type of hardware in brute force attack?
nsdcars5 — 2013-07-06T15:01:07-04:00 — #8
GPUs are very, very powerful. Google for "nvidia geforce gtx titan review" and you'll see.
EDIT: In fact, see the second image here: http://www.xbitlabs.com/articles/graphics/display/nvidia-geforce-gtx-titan_2.html
jackrock — 2013-07-08T11:36:16-04:00 — #9
Keyfiles are another layer, and honestly, a good one. But a better option is two-factor authentication - so they not only need to know the password, they need to have physical possession of a specific device; common examples are a key fob, a smartphone with a pre-configured app, a small USB key (like LastPass' YubiKey).
Keyfiles don't really compare, since if an attacker has access to your encrypted password file, they can probably very easily grab any keyfiles that are located within the same network. So if you use a keyfile, make sure it's physically stored on another device (such as a removable USB stick), and don't leave it plugged int all the time.
jackrock — 2013-07-08T11:39:31-04:00 — #10
In short, because of the gaming industry.
See, gamers want better, faster, and more realistic graphics. This translates into hardware manufacturers making better graphics cards. Part of that is better, faster GPUs. GPUs are basically auxiliary CPUs, but dedicated in purpose, and a slightly different "code book", if you will. But all processing is math at its core, so in that regard, CPUs and GPUs are not so dissimilar.
aj_ — 2013-07-09T12:50:47-04:00 — #11
Think of CPUs and GPUs as groups of people. A CPU is a bunch on people who can tackle any problem with moderate efficiency. A GPU is a group of people who can do a few jobs very, very efficiency. Encryption algorithms just happen to be one of the things they're good at.
h_dang_ho — 2013-10-23T07:15:49-04:00 — #13
Let me get this straight, if someone has your encrypted files, and the brute force it, the best defense is a really long password? Something like ""your password"+Iwenttothestoreonmondayandboughtmilk"? Since it's really long it'll take forever to bruteforce it?
Edit sorry didn't mean to necro this but somehow it appeared somewhere near the newer things for me.