Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

What's the status with figuring out the encryption key and breaking all those passwords? Surely there are known passwords. Is there any distributed brute force attempt that I can help with?


1. That's probably illegal so if there was one it wouldn't be publicly advertised

2. If adobe weren't completely stupid (a big if admittedly) it will be infeasible to brute force (>100 bits of entropy)


> it will be infeasible to brute force (>100 bits of entropy)

Really? Even a massively distributed attempt?


100 bits of entropy takes around 10^26 seconds to crack [1]

Even if you somehow managed to get a botnet of 100 million machines, it would still take longer than the age of the universe to brute force it.

Security of 3DES is effectively 112 bits [2] if random keys are used. Although as I said, this is assuming adobe weren't completely stupid (and reused one or more of the keys, or used non-random keys)

   [1] https://dl.dropboxusercontent.com/u/209/zxcvbn/test/index.html

   [2] http://en.wikipedia.org/wiki/Triple_DES




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: