This assumes that the password derivation process is not flawed in some way.
But with two PC that's only 25 million years. You're in for 10 20*0.5/32000 seconds, also known as 50 million years. With ten random characters chosen uniformly among the hundred-of-so of characters which can be typed on a keyboard, there are 10 20 potential passwords, and brute force will, on average, try half of them. With a quad-core recent PC (those with the spiffy AES instructions), you should be able to test about 32000 potential passwords per second.
The default number of iterations is 6000, so that's 12000 AES invocations for processing one password (encryption is done on a 256-bit value, AES uses 128-bit blocks, so there must be two AES invocations at least for each round). KeePass uses a custom password derivation process which includes multiple iterations of symmetric encryption with a random key (which then serves as salt), as explained there.
0 kommentar(er)
