Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.security.pgp.discuss > #76

Re: TAC1441 Hardware Accelerator

From Jeffrey Goldberg <nobody@goldmark.org>
Newsgroups comp.security.pgp.discuss
Subject Re: TAC1441 Hardware Accelerator
Date 2011-07-10 01:44 -0500
Message-ID <97t03aF3beU1@mid.individual.net> (permalink)
References <p2ci17500i2j7oojcupvv7ftkc429rr52l@4ax.com>

Show all headers | View raw


On 11-07-09 11:56 PM, Unknown wrote:
> 
> 
> How strong is PGP against this?
> 
> TAC1441 Hardware Accelerator
> 
> http://www.digitalintelligence.com/products/tacc_hardware_accelerator/
> 
> Rack-A-TACC 
> http://www.digitalintelligence.com/products/rack-a-tacc/

Well, if we trust their advertising, they provide the answer(s) to your
question right on the pages that you linked to. Look at the charts for
their (claimed) passwords per second against different systems.

Because they have different rates for different things you can do with
PGP, you really have to look at the charts. But for decrypting your
private key, it looks like for 20,000 USD they can work at about 1,000
passwords per second, which isn't much at all.

But for PGP SDA they get up to about 100,000 which still shouldn't worry
anyone with a well chosen pass phrase (for the time being). But of
course, you have to decide how long someone would dedicate a $20,000 bit
of hardware to your password. Do you want it to hold up for days, weeks,
or years of dedicated attack?

I've recently written a post (for something other than PGP, but it
applies here) about creating a good pass phrase. It is a long post,
mostly explaining what is wrong with common password recommendations,
and eventually advising a combination of diceware with with something of
your own:

 http://blog.agilebits.com/2011/06/toward-better-master-passwords/

A plain (unaugmented) diceware password of five words (assuming the
attacker knew you used diceware) would resist one of those $20,000 units
for ... [doing some math now] ... 4.5 million years.

(That is a more optimistic result than I expected, so you should check
the math yourself).

Assumptions are

Possible five word diceware passwords: 6^25 = 28430288029929701376
(which is about 64.6 bits of entropy)

Passwords tested per second: 100,000 (from the advertising brochure you
listed).

Calculation:

Seconds to exhaust password space: 284302880299297 (password space /
100,000)

Average seconds to find: 142151440149648 (previous number /2)

Seconds per year: 31536000 (60 * 60 * 24 * 365)

Average years to find: 4507592 (4.5 million)

Assuming that password cracking proceeds linearly with devices (seems
safe), then if instead of throwing  20K USD of gear at your specific
password, they were to throw $1,000,000 dollars at it, that would reduce
the crack time to 90,000 years.

Anyway, y'all can do the math on your favorite scenarios. Just remember
that the entropy of a human created pass phrase is not so much a
function of how long it is and whether it has digits and symbols in it,
but instead on the number of possibilities that the system that you used
to create the pass phrase could have produced.  (See my blog post for
details).

Cheers,

-j



-- 
Jeffrey Goldberg          http://goldmark.org/jeff/
I rarely read HTML or poorly quoting posts
Reply-To address is valid

Back to comp.security.pgp.discuss | Previous | NextPrevious in thread | Find similar | Unroll thread


Thread

TAC1441 Hardware Accelerator Unknown <Unknown@Unknown.com> - 2011-07-09 21:56 -0700
  Re: TAC1441 Hardware Accelerator Jeffrey Goldberg <nobody@goldmark.org> - 2011-07-10 01:44 -0500

csiph-web