How likely is a SHA256 hash to be brute forced on this conditions?



  • If a string has a length of 16 characters, but it is also known that the first 2 characters are fixed, and that the rest of the string has random letters but letters only, no digits nor special chars, would it still take years to crack a sha256 on these conditions or is it unsafe?



  • The first two characters are fixed so it does not add or take away from entropy. Assuming that the next 14 letters are random, size of password space = 52^14 (lower and upper case letters). It is equivalent to hashing log(52^14)=14*log(52) = around 80 random bits.

    I don't consider it secure against modern ASICs, when bitcoin network crosses 200 Exa hashes per second (about 61 bits). Even if just 10% of this power attacks you, it will only take about two months to crack it (my calculated estimate for maximum time. Average is about 1 month.)


Log in to reply
 

Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2