crypto-coin miners use these cards.
there are boxes which can hold 4 of these cards.
With no consideration for any delay in entering or in the password 
system itself, across 218 trillion combinations...
that is 400,000 attempts/sec * 3600 (1 hour) * 24 (1 day) * 364 (1 
year) = 17,870,400,000,000 attempts/year
this is about 12 years and 2 months. (Tim i think one of our 
calculations is off).

This 12 year time period is not how long it will take to crack a 
specific 4D password, via brute force, it is worse case scenario. It 
assumes that the password to be cracked is the LAST one to be tried. 
There is nothing that says that the very first password tried is not 
correct.  In which case it would take 1/400,000 of a sec.

I think, that we can reasonably say that it should take 6 years 1 month 
to crack a password on average.
Not every password to be cracked will be the first, nor the last.

if the attempt is serious, and worth while, multiple systems can be 
used to reduce this time further, add another 4 GPUs (3 years), or 
another 8 (1.5 years), or 16 (8 months) on average....

I, personally, do not know anything about the bcrypt algorithm, nor 
about 4D's implementation (or whatever code they sourced from). The 
algorithm maybe *perfect*, and completely unbreakable within the life 
time of the universe, however, that does not mean that the specific 
implementation does not have flaws, and more then likely there is a 
flaw in the algorithm; if they exist, both of these errors can be used 
to exploit the encrypted data. These exploits will be faster, 
magnitudes faster, then a simple brute force attempt.

While i believe 4D's password implementation has changed over the 
years, some of you may remember there was an exploit available to 
expose all of the users/passwords of a 4D system. I believe this broke 
in v2003. The point is - it existed.

my 2 cents

Chip


On Mon, 9 Sep 2019 14:35:42 -0500, Tim Nevels via 4D_Tech wrote:
> This link talks about using an "8x Nvidia GTX 1080 Hashcat” GPU ― 
> whatever that is ― which can calculate 100,000 bcrypt passwords per 
> second. 
---------------
Gas is for washing parts
Alcohol is for drinkin'
Nitromethane is for racing 
**********************************************************************
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:[email protected]
**********************************************************************

Reply via email to