Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Brute-force attack
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{Short description|Cryptanalytic method for unauthorized users to access data}} {{Use mdy dates|date = March 2019}} {{About|the cryptanalytic method|similarly named methods in other disciplines|Brute force (disambiguation){{!}}Brute force}} In [[cryptography]], a '''brute-force attack''' or '''exhaustive key search''' is a [[cryptanalytic attack]] that consists of an attacker submitting many possible [[Key (cryptography)|key]]s or [[password]]s with the hope of eventually guessing correctly. This strategy can theoretically be used to break any form of encryption that is not [[information-theoretically secure]].{{sfn|Paar|Pelzl|Preneel|2010|p=7}} However, in a properly designed cryptosystem the chance of successfully guessing the key is negligible. When [[Password cracking|cracking passwords]], this method is very fast when used to check all short passwords, but for longer passwords other methods such as the [[dictionary attack]] are used because a brute-force search takes too long. Longer passwords, passphrases and keys have more possible values, making them exponentially more difficult to crack than shorter ones due to diversity of characters.<ref>{{Cite news|last=Urbina|first=Ian|date=2014|title=The Secret Life of Passwords. The New Times.|newspaper=The New York Times|url=https://www.nytimes.com/2014/11/19/magazine/the-secret-life-of-passwords.html|access-date=|website=}}</ref> Brute-force attacks can be made less effective by [[Obfuscation (software)|obfuscating]] the data to be encoded making it more difficult for an attacker to recognize when the code has been cracked or by making the attacker do more work to test each guess. One of the measures of the strength of an encryption system is how long it would theoretically take an attacker to mount a successful brute-force attack against it.<ref>{{Citation|last1=Schrittwieser|first1=Sebastian|title=Code Obfuscation against Static and Dynamic Reverse Engineering|date=2011|url=http://dx.doi.org/10.1007/978-3-642-24178-9_19|work=Information Hiding|pages=270β284|place=Berlin, Heidelberg|publisher=Springer Berlin Heidelberg|access-date=2021-09-05|last2=Katzenbeisser|first2=Stefan|series=Lecture Notes in Computer Science|volume=6958|doi=10.1007/978-3-642-24178-9_19|isbn=978-3-642-24177-2|url-access=subscription}}</ref> Brute-force attacks are an application of brute-force search, the general problem-solving technique of enumerating all candidates and checking each one. The word 'hammering' is sometimes used to describe a brute-force attack,<ref>{{cite web |title=Secure your site from Brute force attacks using Sebsoft's Anti Hammering Authentication Plugin #MoodlePlugins #MoodleSecurity |url=https://www.elearnmagazine.com/technology/secure-your-site-from-brute-force-attacks-using-sebsofts-anti-hammering-authentication-plugin-moodleplugins-moodlesecurity/ |website=elearnmagazine.com |date=January 16, 2016 |publisher=e Learn Magazine |access-date=27 October 2022}}</ref> with 'anti-hammering' for countermeasures.<ref>{{cite web |title=Configure Serv-U to protect against brute force attacks |url=https://support.solarwinds.com/SuccessCenter/s/article/Configure-Serv-U-to-protect-against-brute-force-attacks?language=en_US |website=solarwinds.com |publisher=Solar Winds |access-date=27 October 2022}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)