Sunday, 23 November 2014

Brute force

Brute-force search



This article needs additional citations for verification . Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. (February 2008)



In computer science. brute-force search or exhaustive search . also known as generate and test . is a very general problem-solving technique that consists of systematically enumerating all possible candidates for the solution and checking whether each candidate satisfies the problem's statement.



A brute-force algorithm to find the divisors of a natural number n would enumerate all integers from 1 to the square root of n, and check whether each of them divides n without remainder. A brute-force approach for the eight queens puzzle would examine all possible arrangements of 8 pieces on the 64-square chessboard, and, for each arrangement, check whether each (queen) piece can attack any other.



While a brute-force search is simple to implement, and will always find a solution if it exists, its cost is proportional to the number of candidate solutions – which in many practical problems tends to grow very quickly as the size of the problem increases. Therefore, brute-force search is typically used when the problem size is limited, or when there are problem-specific heuristics that can be used to reduce the set of candidate solutions to a manageable size. The method is also used when the simplicity of implementation is more important than speed.



This is the case, for example, in critical applications where any errors in the algorithm would have very serious consequences; or when using a computer to prove a mathematical theorem. Brute-force search is also useful as a baseline method when benchmarking other algorithms or metaheuristics. Indeed, brute-force search can be viewed as the simplest metaheuristic. Brute force search should not be confused with backtracking. where large sets of solutions can be discarded without being explicitly enumerated (as in the textbook computer solution to the eight queens problem above). The brute-force method for finding an item in a table — namely, check all entries of the latter, sequentially — is called linear search .



Contents



Implementing the brute-force search [ edit ]



Basic algorithm [ edit ]



In order to apply brute-force search to a specific class of problems, one must implement four procedures. first , next . valid . and output . These procedures should take as a parameter the data P for the particular instance of the problem that is to be solved, and should do the following:



first ( P ): generate a first candidate solution for P .



next ( P . c ): generate the next candidate for P after the current one c .



valid ( P . c ): check whether candidate c is a solution for P .



output ( P . c ): use the solution c of P as appropriate to the application.



The next procedure must also tell when there are no more candidates for the instance P . after the current one c . A convenient way to do that is to return a "null candidate", some conventional data value ? that is distinct from any real candidate. Likewise the first procedure should return ? if there are no candidates at all for the instance P . The brute-force method is then expressed by the algorithm



For example, when looking for the divisors of an integer n . the instance data P is the number n . The call first ( n ) should return the integer 1 if n 1, or ? otherwise; the call next ( n , c ) should return c + 1 if c n . and ? otherwise; and valid ( n , c ) should return true if and only if c is a divisor of n . (In fact, if we choose ? to be n + 1, the tests n 1 and c n are unnecessary.)The brute-force search algorithm above will call output for every candidate that is a solution to the given instance P . The algorithm is easily modified to stop after finding the first solution, or a specified number of solutions; or after testing a specified number of candidates, or after spending a given amount of CPU time.



Combinatorial explosion [ edit ]



The main disadvantage of the brute-force method is that, for many real-world problems, the number of natural candidates is prohibitively large. For instance, if we look for the divisors of a number as described above, the number of candidates tested will be the given number n . So if n has sixteen decimal digits, say, the search will require executing at least 10 15 computer instructions, which will take several days on a typical PC. If n is a random 64-bit natural number, which has about 19 decimal digits on the average, the search will take about 10 years. This steep growth in the number of candidates, as the size of the data increases, occurs in all sorts of problems. For instance, if we are seeking a particular rearrangement of 10 letters, then we have 10! = 3,628,800 candidates to consider, which a typical PC can generate and test in less than one second. However, adding one more letter — which is only a 10% increase in the data size — will multiply the number of candidates by 11 — a 1000% increase. For 20 letters, the number of candidates is 20. which is about 2.4?10 18 or 2.4 quintillion ; and the search will take about 10 years. This unwelcome phenomenon is commonly called the combinatorial explosion. or the curse of dimensionality .



Speeding up brute-force searches [ edit ]



One way to speed up a brute-force algorithm is to reduce the search space, that is, the set of candidate solutions, by using heuristics specific to the problem class. For example, in the eight queens problem the challenge is to place eight queens on a standard chessboard so that no queen attacks any other. Since each queen can be placed in any of the 64 squares, in principle there are 64 8 = 281,474,976,710,656 possibilities to consider. However, because the queens are all alike, and that no two queens can be placed on the same square, the candidates are all possible ways of choosing of a set of 8 squares from the set all 64 squares; which means 64 choose 8 = 64!/56!/8! = 4,426,165,368 candidate solutions — about 1/60,000 of the previous estimate. Further, no arrangement with two queens on the same row or the same column can be a solution. Therefore, we can further restrict the set of candidates to those arrangements.



As this example shows, a little bit of analysis will often lead to dramatic reductions in the number of candidate solutions, and may turn an intractable problem into a trivial one.



In some cases, the analysis may reduce the candidates to the set of all valid solutions; that is, it may yield an algorithm that directly enumerates all the desired solutions (or finds one solution, as appropriate), without wasting time with tests and the generation of invalid candidates. For example, for the problem "find all integers between 1 and 1,000,000 that are evenly divisible by 417" a naive brute-force solution would generate all integers in the range, testing each of them for divisibility. However, that problem can be solved much more efficiently by starting with 417 and repeatedly adding 417 until the number exceeds 1,000,000 — which takes only 2398 (= 1,000,000 ? 417) steps, and no tests.



Reordering the search space [ edit ]



In applications that require only one solution, rather than all solutions, the expected running time of a brute force search will often depend on the order in which the candidates are tested. As a general rule, one should test the most promising candidates first. For example, when searching for a proper divisor of a random number n . it is better to enumerate the candidate divisors in increasing order, from 2 to n - 1, than the other way around — because the probability that n is divisible by c is 1/ c . Moreover, the probability of a candidate being valid is often affected by the previous failed trials. For example, consider the problem of finding a 1 bit in a given 1000-bit string P . In this case, the candidate solutions are the indices 1 to 1000, and a candidate c is valid if P [ c ] = 1 . Now, suppose that the first bit of P is equally likely to be 0 or 1 . but each bit thereafter is equal to the previous one with 90% probability. If the candidates are enumerated in increasing order, 1 to 1000, the number t of candidates examined before success will be about 6, on the average. On the other hand, if the candidates are enumerated in the order 1,11,21,31. 991,2,12,22,32 etc. the expected value of t will be only a little more than 2.More generally, the search space should be enumerated in such a way that the next candidate is most likely to be valid, given that the previous trials were not . So if the valid solutions are likely to be "clustered" in some sense, then each new candidate should be as far as possible from the previous ones, in that same sense. The converse holds, of course, if the solutions are likely to be spread out more uniformly than expected by chance.



Alternatives to brute-force search [ edit ]



There are many other search methods, or metaheuristics, which are designed to take advantage of various kinds of partial knowledge one may have about the solution. Heuristics can also be used to make an early cutoff of parts of the search. One example of this is the minimax principle for searching game trees, that eliminates many subtrees at an early stage in the search. In certain fields, such as language parsing, techniques such as chart parsing can exploit constraints in the problem to reduce an exponential complexity problem into a polynomial complexity problem. In many cases, such as in Constraint Satisfaction Problems. one can dramatically reduce the search space by means of Constraint propagation. that is efficiently implemented in Constraint programming languages. The search space for problems can also be reduced by replacing the full problem with a simplified version. For example, in computer chess. rather than computing the full minimax tree of all possible moves for the remainder of the game, a more limited tree of minimax possibilities is computed, with the tree being pruned at a certain number of moves, and the remainder of the tree being approximated by a static evaluation function .



In cryptography [ edit ]



The key length used in the encryption determines the practical feasibility of performing a brute force attack, with longer keys exponentially more difficult to crack than shorter ones. Brute force attacks can be made less effective by obfuscating the data to be encoded, something that makes it more difficult for an attacker to recognise when he has cracked the code. One of the measures of the strength of an encryption system is how long it would theoretically take an attacker to mount a successful brute force attack against it.



Brute-force attack



The EFF 's US$250,000 DES cracking machine contained over 1,800 custom chips and could brute-force a DES key in a matter of days. The photograph shows a DES Cracker circuit board fitted on both sides with 64 Deep Crack chips.



In cryptography. a brute-force attack . or exhaustive key search . is a cryptanalytic attack that can, in theory, be used against any encrypted data [ 1 ] (except for data encrypted in an information-theoretically secure manner). Such an attack might be used when it is not possible to take advantage of other weaknesses in an encryption system (if any exist) that would make the task easier. It consists of systematically checking all possible keys or passwords until the correct one is found. In the worst case, this would involve traversing the entire search space .



When password guessing, this method is very fast when used to check all short passwords, but for longer passwords other methods such as the dictionary attack are used because of the time a brute-force search takes.



When key guessing, the key length used in the cipher determines the practical feasibility of performing a brute-force attack, with longer keys exponentially more difficult to crack than shorter ones. A cipher with a key length of N bits can be broken in a worst-case time proportional to 2 N and an average time of half that.



Brute-force attacks can be made less effective by obfuscating the data to be encoded, something that makes it more difficult for an attacker to recognize when he/she has cracked the code. One of the measures of the strength of an encryption system is how long it would theoretically take an attacker to mount a successful brute-force attack against it.



Brute-force attacks are an application of brute-force search. the general problem-solving technique of enumerating all candidates and checking each one.



Contents



Theoretical limits [ edit ]



The resources required for a brute-force attack grow exponentially with increasing key size. not linearly. Although US export regulations historically restricted key lengths to 56-bit symmetric keys (e. g. Data Encryption Standard ), these restrictions are no longer in place, so modern symmetric algorithms typically use computationally stronger 128- to 256-bit keys.



There is a physical argument that a 128-bit symmetric key is computationally secure against brute-force attack. The so-called Landauer limit implied by the laws of physics sets a lower limit on the energy required to perform a computation of kT  · ln 2 per bit erased in a computation, where T is the temperature of the computing device in kelvins. k is the Boltzmann constant. and the natural logarithm of 2 is about 0.693. No irreversible computing device can use less energy than this, even in principle. [ 2 ] Thus, in order to simply flip through the possible values for a 128-bit symmetric key (ignoring doing the actual computing to check it) would theoretically require 2 128 ? 1 bit flips on a conventional processor. If it is assumed that the calculation occurs near room temperature (



300 K) the Von Neumann-Landauer Limit can be applied to estimate the energy required as



10 18 joules. which is equivalent to consuming 30 gigawatts of power for one year. This is equal to 30?10 9 W?365?24?3600 s = 9.46?10 17 J or 262.7 TWh (more than 1/100th of the world energy production ). [ citation needed ] The full actual computation – checking each key to see if you have found a solution – would consume many times this amount. Furthermore, this is simply the energy requirement for cycling through the key space; the actual time it takes to flip each bit is not considered, which is certainly greater than 0 .



However, this argument assumes that the register values are changed using conventional set and clear operations which inevitably generate entropy. It has been shown that computational hardware can be designed not to encounter this theoretical obstruction (see reversible computing ), though no such computers are known to have been constructed. [ citation needed ]



Modern GPUs are well-suited to the repetitive tasks associated with hardware-based password cracking



A single COPACOBANA board boasting 6 Xilinx Spartans – a cluster is made up of 20 of these



AES permits the use of 256-bit keys. Breaking a symmetric 256-bit key by brute force requires 2 128 times more computational power than a 128-bit key. 50 supercomputers that could check a billion billion (10 18 ) AES keys per second (if such a device could ever be made) would, in theory, require about 3?10 51 years to exhaust the 256-bit key space.



An underlying assumption of a brute-force attack is that the complete keyspace was used to generate keys, something that relies on an effective random number generator. and that there are no defects in the algorithm or its implementation. For example, a number of systems that were originally thought to be impossible to crack by brute force have nevertheless been cracked because the key space to search through was found to be much smaller than originally thought, because of a lack of entropy in their pseudorandom number generators. These include Netscape 's implementation of SSL (famously cracked by Ian Goldberg and David Wagner in 1995 [ 6 ] ) and a Debian /Ubuntu edition of OpenSSL discovered in 2008 to be flawed. [ 7 ] A similar lack of implemented entropy led to the breaking of Enigma's code. [ 8 ] [ 9 ]



Credential recycling [ edit ]



Credential recycling refers to the hacking practice to re-use username and password combinations gathered in previous brute-force attacks. A special form of credential recycling is pass the hash. where unsalted hashed credentials are stolen and re-used without first being brute forced.



Unbreakable codes [ edit ]



Certain types of encryption, by their mathematical properties, cannot be defeated by brute force. An example of this is one-time pad cryptography, where every cleartext bit has a corresponding key from a truly random sequence of key bits. A 140 character one-time-pad-encoded string subjected to a brute-force attack would eventually reveal every 140 character string possible, including the correct answer – but of all the answers given, there would be no way of knowing which was the correct one. Defeating such a system, as was done by the Venona project. generally relies not on pure cryptography, but upon mistakes in its implementation: the key pads not being truly random, intercepted keypads, operators making mistakes – or other errors. [ 10 ]



Countermeasures [ edit ]



In case of an offline attack where the attacker has access to the encrypted material, he can try key combinations at his leisure without the risk of discovery or interference. However database and directory administrators can take countermeasures against online attacks, for example by limiting the number of attempts that a password can be tried, by introducing time delays between successive attempts, increasing the answer's complexity (e. g. requiring a CAPTCHA answer or verification code sent via cellphone), and/or locking accounts out after unsuccessful logon attempts. [ 11 ] [ page needed ] Website administrators may prevent a particular IP address from trying more than a predetermined number of password attempts against any account on the site. [ 12 ]



Reverse brute-force attack [ edit ]



In a reverse brute-force attack . a single (usually common) password is tested against multiple usernames or encrypted files. [ 13 ] The process may be repeated for a select few passwords. In such a strategy, the attacker is generally not targeting a specific user. Reverse brute-force attacks can be mitigated by establishing a password policy that disallows common passwords. [ citation needed ]



brute force



brute force in Technology Expand



programming



A primitive programming style in which the programmer relies on the computer's processing power instead of using his own intelligence to simplify the problem, often ignoring problems of scale and applying naive methods suited to small problems directly to large ones. The term can also be used in reference to programming style: brute-force programs are written in a heavy-handed, tedious way, full of repetition and devoid of any elegance or useful abstraction (see also brute force and ignorance ).



The canonical example of a brute-force algorithm is associated with the "travelling salesman problem " (TSP), a classical NP-hard problem:



Suppose a person is in, say, Boston, and wishes to drive to N other cities. In what order should the cities be visited in order to minimise the distance travelled?



The brute-force method is to simply generate all possible routes and compare the distances; while guaranteed to work and simple to implement, this algorithm is clearly very stupid in that it considers even obviously absurd routes (like going from Boston to Houston via San Francisco and New York, in that order). For very small N it works well, but it rapidly becomes absurdly inefficient when N increases (for N = 15, there are already 1,307,674,368,000 possible routes to consider, and for N = 1000 - well, see bignum ). Sometimes, unfortunately, there is no better general solution than brute force. See also NP-complete.



A more simple-minded example of brute-force programming is finding the smallest number in a large list by first using an existing program to sort the list in ascending order, and then picking the first number off the front.



Whether brute-force programming should actually be considered stupid or not depends on the context; if the problem is not terribly big, the extra CPU time spent on a brute-force solution may cost less than the programmer time it would take to develop a more "intelligent" algorithm. Additionally, a more intelligent algorithm may imply more long-term complexity cost and bug-chasing than are justified by the speed improvement.



Ken Thompson. co-inventor of Unix. is reported to have uttered the epigram "When in doubt, use brute force". He probably intended this as a ha ha only serious. but the original Unix kernel 's preference for simple, robust and portable algorithms over brittle "smart" ones does seem to have been a significant factor in the success of that operating system. Like so many other tradeoffs in software design, the choice between brute force and complex, finely-tuned cleverness is often a difficult one that requires both engineering savvy and delicate aesthetic judgment.



(1995-02-14)



The Free On-line Dictionary of Computing, © Denis Howe 2010 http://foldoc. org



brute force cracking



Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.



Looking for something else?



Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES ) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies. Just as a criminal might break into, or "crack" a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence. Brute force is considered to be an infallible, although time-consuming, approach.



File Extensions and File Formats



Latest TechTarget resources



Search Cloud Security



Research shows enterprises leaking shadow data to the cloud



A new study by cloud security startup Elastica shows that enterprise employees are unknowingly leaking sensitive data through.



The cloud security threat-modeling process: Laying the groundwork



Server configuration management on IaaS clouds



IaaS clouds need baseline server configuration, but real security requires enterprises to go beyond that. Expert Dave Shackleford.



Search Networking



Common DNS record times: What they mean



The domain name resolution process has many steps. Our expert walks you through some of the most common.



SAP application development framework gains traction



New Extreme switch and AP for high-performance, midsize networks



New Extreme switch and wireless access point introduced by Extreme Networks delivers high levels of network performance at a.



Search CIO



Attention to UX is the first rule of mobile apps: Seven tips



Intimate, efficient, secure are the watchwords for creating a great mobile payment app. These goals also apply to just about any.



The future of incident response is in real-time OODA feedback loops



The era of incident response gives humans a leg up



More organizations are realizing that strong incident response is the best way to prevent future attacks, but IR is still.



Search Consumerization



Why mobile user authentication is more important than ever



Encrypting data is a good first step, but if you don't properly authenticate users, sensitive information can still fall into the.



App virtualization, refactoring tools and development: Which is right for you?



For enterprise file sync-and-share, security is king



IT should rest easy about where their data lives in the consumerization age, but there's no one-size-fits-all approach to.



Search Enterprise Desktop



Why is Internet Explorer security such a challenge?



A myriad of browser vulnerabilities and attacks pose a constant threat to Internet Explorer security, endpoint computing and.



Four third-party Windows 8 tools empower PC users



IE is everywhere, but don't dismiss alternative browsers



Our columnist says free alternative browsers such as Google Chrome and Firefox are giving IE a run for its money because they run.



Search Cloud Computing



Joyent bets future on Docker deployment at scale



Joyent is all-in on Docker and plans to marry the technology with its container-based infrastructure to get a leg up with cloud.



Red Hat portal calms enterprise private cloud nerves



What to buy: Private cloud management tools compared



Compare leading third-party private cloud management tools to pick the right one for your environment.



Computer Weekly



Google joins enterprise cloud battle with additions to its cloud platform



Google made a raft of announcements at its GCP Live event, including enhancements to its networking stack and storage price drops



Cisco Cloud Index: Cloud to represent 76% of datacentre traffic by 2018



Departments lack common targets for implementing open-document standards



Whitehall departments have begun publishing plans on implementing the government’s open-document standards policy



Brute Force (The Criterion Collection)



Most Helpful Customer Reviews



Format: DVD



The Criterion Collection presents "BRUTE FORCE" (30 June 1947) (98 min/B&W) (Fully Restored/Dolby Digitally Remastered) -- Burt Lancaster had one of his first starring roles in this hard-hitting prison drama --- Capt. Munsey (Hume Cronyn) is a cruel, corrupt prison guard who has his own less-than-ethical ways of dealing with inmates, enough so that Joe Collins (Lancaster) - the toughest inmate in the cell block - has decided to break out --- Collins tries to persuade Gallagher (Charles Bickford), the unofficial leader of the inmates and editor of the prison newspaper, to join him, but Gallagher thinks Collins' plan won't work --- However, Collins does have the support of his cellmates, most of whom, like himself, wandered into a life of crime thanks to love and good intentions --- Collins pulled a bank job to raise money to pay for an operation that could possibly get his girl out of a wheelchair --- Fabulous score by composer Miklós Rózsa.



Top flight power performance from Burt --- and the rest is history!



Under the production staff of:



Jules Dassin [Director]



Richard Brooks [Screenwriter]



Robert Patterson [Story]



Jules Buck [Associate Producer].



Mark Hellinger [Producer]



Miklós Rózsa [Original Film Score]



William H. Daniels [Cinematographer]

No comments:

Post a Comment