什么是字典攻击? [英] What is a dictionary attack?
问题描述
当我们说字典攻击时,我们并不是指真正的字典,对吗?我猜我们指的是黑客词典,即彩虹表,对吗?
When we say dictionary attack, we don't really mean a real dictionary, do we? My guess is we mean a hacker's dictionary i.e. rainbow tables, right?
我的意思是,我们不是在谈论有人在登录框中输入不同的密码,而是在谈论对您的数据库具有完全访问权限的人(具有散列密码,而不是普通密码),而这个人正在逆转哈希,对吗?
My point is we're not talking about someone keying different passwords into the login box, we're talking about someone who has full access to your database (which has hashed passwords, not plain passwords) and this person is reversing the hashes, right?
推荐答案
由于密码通常是密码学中最容易受到攻击的部分,因此它实际上是一本真正的字典.假设是人们很懒惰,会选择合适的词作为密码或从中构造密码短语.但是,字典可以包含其他内容,例如常用的非单词或字母/数字组合.基本上所有可能都是选择不当的密码.
Since passwords are oft-times the easiest-to-attack part of cryptography it's actually sort of a real dictionary. The assumption is that people are lazy and choose proper words as password or construct passphrases out of them. The dictionary can include other things, though, such as commonly used non-words or letter/number combination. Essentially everything that is likely to be a poor-chosen password.
有一些程序会占用整个硬盘驱动器,并假设用户的密码在某个时间点以明文形式放入内存(然后放入页面文件)) 或者它只是存在于语料库中,如果文本存储在驱动器上1:
There are programs out there which will take an entire hard drive and build a dictionary out of every typable string on it on the assumption that the user's password was at some point in time put in plaintext into memory (and then into the pagefile) or that it simply exists in the corpus if text stored on the drive1:
即便如此,这些都可能并不重要.AccessData 销售另一个程序,取证工具包,除其他外,它会扫描硬盘驱动器以获取每个可打印的字符串.它在文档、注册表、电子邮件、交换文件、硬盘驱动器上的已删除空间......无处不在.它从中创建一个字典,并将其输入 PRTK.
Even so, none of this might actually matter. AccessData sells another program, Forensic Toolkit, that, among other things, scans a hard drive for every printable character string. It looks in documents, in the Registry, in e-mail, in swap files, in deleted space on the hard drive ... everywhere. And it creates a dictionary from that, and feeds it into PRTK.
仅从这本字典中,PRTK 就破解了超过 50% 的密码.
And PRTK breaks more than 50 percent of passwords from this dictionary alone.
实际上,即使您包含人们通常如何构建密码的知识,您也可以使词典更有效.Schneier 长谈了这个1:
Actually, you can make dictionaries more effective even if you include knowledge on how people usually build passwords. Schneier talks about this lengthily1:
- 常用词词典:5,000 个词条
- 名称词典:10,000 个条目
- 综合词典:100,000 个词条
- 语音模式词典:详尽字符搜索的 1/10,000
注音模式词典很有趣.它不是真正的字典;它是一个马尔可夫链例程,可生成给定长度的可发音的英语字符串.例如,PRTK 可以生成和测试一个包含非常可发音的六字符字符串或几乎不可以发音的七字符字符串的字典.他们正在研究其他语言的生成例程.
The phonetic pattern dictionary is interesting. It's not really a dictionary; it's a Markov-chain routine that generates pronounceable English-language strings of a given length. For example, PRTK can generate and test a dictionary of very pronounceable six-character strings, or just-barely pronounceable seven-character strings. They're working on generation routines for other languages.
PRTK 还运行四字符字符串的详尽搜索.它运行小写(最常见)、首字母大写(第二常见)、全部大写和最后大写的字典.它运行带有常见替换的字典:$";对于s",@"对于a",1"对于l"等等.任何让我们说话"的东西包括在这里,如3"对于e."
PRTK also runs a four-character-string exhaustive search. It runs the dictionaries with lowercase (the most common), initial uppercase (the second most common), all uppercase and final uppercase. It runs the dictionaries with common substitutions: "$" for "s," "@" for "a," "1" for "l" and so on. Anything that's "leet speak" is included here, like "3" for "e."
附属词典包括以下内容:
The appendage dictionaries include things like:
- 所有两位数组合
- 所有日期从 1900 年到 2006 年
- 所有三位数组合
- 所有单个符号
- 所有单个数字,加上单个符号
- 所有两个符号的组合
1 Bruce Schneier:选择安全密码. In:Schneier on Security.(网址)
1 Bruce Schneier: Choosing Secure Passwords. In: Schneier on Security. (URL)
这篇关于什么是字典攻击?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
