所以我看着http://codahale.com/how-to-safely-store-a-password/#并且好奇地想要在一台功能强大的台式计算机上强制使用不同的哈希,并试图测试它
我见过的大多数算法都是单线程的,让我感到震惊的是,使用c#4.0 Parallel.net/Plinq扩展和并发结构(如ConcurrentBag和IProducerConsumer)这将是一个非常有趣的挑战。
所以我的任务如下,使用并行化构建n-length和charset [x]密码的最有效/高性能的强力检查器,即生成给定字符集和长度的所有可能字符串,直到找到匹配为止。假设至少有两个核心和合理数量的ram
我要自己动手,让最好的男人/女人获胜:)
编辑
首次尝试而不比较性能,范围和已知密码长度
char[] chars = new char[] { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z' };
public long NrCombinations(int nrChars, int stringLength)
{
Func<long, int, long> power = null;
power = (i, p) => p == 1 ? i : i * power(i, p - 1);
return power(nrChars, stringLength);
}
public static bool StringArrayEquals(char[] a, char[] b)
{
if (a.Length != b.Length)
return false;
for (int i = 0; i < a.Length; i++)
{
if (!a[i].Equals(b[i]))
return false;
}
return true;
}
public char[] GenerateString(int i, int stringLength)
{
char[] current = new char[stringLength];
for (int i = 0; i < stringLength; i++)
{
double remainder = i % this.chars.Length;
i = i / this.chars.Length;
current[i] = this.chars[(int) remainder];
}
return current;
}
public bool IsMatch(int i, char[] password)
{
return StringArrayEquals(GenerateString(i, password.Length), password);
}
private int GetMatching(string passwordString)
{
char[] password = passwordString.ToArray();
int nrCombinations = (int)NrCombinations(this.chars.Length, password.Length);
return ParallelEnumerable.Range(0, nrCombinations).WithDegreeOfParallelism(10).FirstOrDefault(i => IsMatch(i, password));
}
下次尝试
使用ParallelEnumerable并不聪明,因为它的大小限制为int,你很快就需要至少很长时间,即使我怀疑这会让你长时间使用大密码字符集。猜猜你要么必须去BigInt,要么在那之后以某种方式开始分解它。
public long NrCombinations(int nrChars, int stringLength)
{
Func<long, int, long> power = null;
power = (i, p) => p == 1 ? i : i * power(i, p - 1);
return power(nrChars, stringLength);
}
public string GenerateString(long number, int sentenceLength)
{
char[] current = new char[sentenceLength];
for (int i = 0; i < sentenceLength; i++)
{
double remainder = number % this.chars.Length;
number = number / this.chars.Length;
current[i] = this.chars[(int) remainder];
}
return new string(current);
}
public bool IsMatch(string hash, long i, int passwordLength)
{
string generated = GenerateString(i, passwordLength);
string hashed = GetMasterHash(generated, this.site);
return string.Equals(hashed, hash);
}
private string GetMatching(string hash,int passwordLength)
{
string result = string.Empty;
int stringlength = passwordLength;
long nrCombinations = NrCombinations(this.chars.Length, stringlength);
long x = 0;
Parallel.For(0, nrCombinations, (i, loopState) =>
{
if (IsMatch(hash,i, passwordLength))
{
x = i;
loopState.Stop();
return;
}
});
if (x > 0)
{
result = this.GenerateString(x, passwordLength);
}
return result;
}
答案 0 :(得分:0)
为什么NrCombinations方法而不仅仅是
long combinations = (long)Math.Pow(base, stringLength);
我还建议int nrCombinations long,因为只有六个字符与您的基本36字母表,您将遇到麻烦(36 ^ 6> 2 ^ 31)。使用BigInteger。我认为不需要{{1}},因为如果你需要大量的蛮力,那么无论如何都不会选择。
我有这样的想法,通过使用一种De Bruijn序列流可能加速蛮力。看似合理,但我必须重新开始,因为我现在没有代码可以显示。