# Commoninfo:bruteforce

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

# "Brute force" attack

The "brute force" — a method for solving mathematical tasks.

Such an attack belongs to the class of methods for finding a solution by exhausting all possible options. The complexity of a complete search depends on the number of all possible solutions to the problem. If the solution space is very large, then a complete search may not yield results for several years or even centuries.

In cryptography, the evaluation of the cryptographic strength of ciphers is based on the computational complexity of a complete search. In particular, a cipher is considered cryptographic if there is no method of "cracking" significantly faster than a complete search of all keys. Cryptographic attacks based on the brute force method are the most versatile, but also the longest.

# Brute force method

In cryptography, a full brute force cryptographic attack is based on a complete search — cracking a password by going through all possible key options. Its feature is the ability to be used against any practically used cipher.

However, such a possibility exists only theoretically and often requires unrealistic time and resource costs.

The use of a "brute force" attack is most justified in cases where it is not possible to find weaknesses in the encryption systems being attacked (or there are no weaknesses in the encryption system under consideration). When such shortcomings are detected, cryptanalysis techniques based on their features are developed, which helps simplify hacking.

The resistance to the "brute force" attack determines the encryption key used in the cryptosystem. So, with increasing key length, the complexity of hacking by this method increases exponentially.

There are ways to increase the resistance of the cipher to "brute force": for example, obfuscation of encrypted data, which makes it non-trivial to distinguish encrypted data from unencrypted.

Cryptographic attacks based on the "brute force" method are the most versatile, but at the same time the slowest. They are used mainly by novice hackers.

Effective for simple encryption algorithms; inefficient for modern keys.