howtogeek at July 6th, 2013 06:42 — #1
Originally published at: http://www.howtogeek.com/166832/brute-force-attacks-explained-how-all-encryption-is-vulnerable/
Brute-force attacks are fairly simple to understand, but difficult to protect against. Encryption is math, and as computers become faster at math, they become faster at trying all the solutions and seeing which one fits.
ruja at July 6th, 2013 07:25 — #2
Third bullet at the end of the article: "Use strong encryption algorithms, such as SHA-512." SHA-512 is a hash algorithm, that is, it cannot be reverted, and as such, it cannot be used for encryption, as you won't be able to get back your decrypted data.
A strong encryption algorithm is AES-256. It is the encryption method used by the US Government for TOP SECRET information. You can use 7-Zip to compress any file to 7Z format and encrypt it with AES-256.
nsdcars5 at July 6th, 2013 09:31 — #3
I have the best reason as to why I don't encrypt everything I have on my laptop:
There's nothing on my laptop that can't be downloaded.
This, whatever the article title might suggest, is not vulnerable.
bigtech at July 6th, 2013 11:40 — #4
Password and such are not security as much as they are a test of determination. Any system can be broken (because ruber hose reverse-cryptography is still an option.).
That's basically very simple. FInd the person who has the data you need to crack the encryption.
Tie them down.
Briskly apply a rubber hose to the soles of their feet 10 times.
Ask for key.
Repeat steps 3 and 4 until information is provided.
cnavigator at July 6th, 2013 11:52 — #5
What about keyfiles, for example Keepass database keyfiles? They provide users something to authenticate with, wouldn't that protect against brute force attacks (in case the attacker has no access to the keyfile).
localhost at July 6th, 2013 13:28 — #6
I believe you're taking about this:
ahmed_el_qader at July 6th, 2013 14:49 — #7
can someone explain why the GPU is the most effective type of hardware in brute force attack?
nsdcars5 at July 6th, 2013 15:01 — #8
GPUs are very, very powerful. Google for "nvidia geforce gtx titan review" and you'll see.
EDIT: In fact, see the second image here: http://www.xbitlabs.com/articles/graphics/display/nvidia-geforce-gtx-titan_2.html
jackrock at July 8th, 2013 11:36 — #9
Keyfiles are another layer, and honestly, a good one. But a better option is two-factor authentication - so they not only need to know the password, they need to have physical possession of a specific device; common examples are a key fob, a smartphone with a pre-configured app, a small USB key (like LastPass' YubiKey).
Keyfiles don't really compare, since if an attacker has access to your encrypted password file, they can probably very easily grab any keyfiles that are located within the same network. So if you use a keyfile, make sure it's physically stored on another device (such as a removable USB stick), and don't leave it plugged int all the time.
jackrock at July 8th, 2013 11:39 — #10
In short, because of the gaming industry.
See, gamers want better, faster, and more realistic graphics. This translates into hardware manufacturers making better graphics cards. Part of that is better, faster GPUs. GPUs are basically auxiliary CPUs, but dedicated in purpose, and a slightly different "code book", if you will. But all processing is math at its core, so in that regard, CPUs and GPUs are not so dissimilar.
aj_ at July 9th, 2013 12:50 — #11
Think of CPUs and GPUs as groups of people. A CPU is a bunch on people who can tackle any problem with moderate efficiency. A GPU is a group of people who can do a few jobs very, very efficiency. Encryption algorithms just happen to be one of the things they're good at.
h_dang_ho at October 23rd, 2013 07:15 — #13
Let me get this straight, if someone has your encrypted files, and the brute force it, the best defense is a really long password? Something like ""your password"+Iwenttothestoreonmondayandboughtmilk"? Since it's really long it'll take forever to bruteforce it?
Edit sorry didn't mean to necro this but somehow it appeared somewhere near the newer things for me.