Suppose I have only the first 16 characters of a MD5 hash. If I use brute force attack or rainbow tables or any other method to retrieve the original password, how many compatible candidates have I to expect? 1? (I do not think) 10, 100, 1000, 10^12? Even a rough answer is welcome (for the number, but please be coherent with hash theory and methodology).
is it possible to retrieve a password from a (partial) MD5 hash?
1.6k Views Asked by tic At
2
There are 2 best solutions below
Related Questions in HASH
- Firefox vim mode, can't switch to normal mode in style editor
- How to skip a command in redo
- Vim errorformat multiline string
- How to let Vim tell the switching across several `gvim.exe` processes?
- match wordchar and/or dot string of anylength
- augment the number of lines on indent
- Barebones vim with `nocp`
- Moved .vimrc in a new dir, trying to get it to work
- Copying text from gvim editor to system clipboard works only once per session
- Temporarily declare a word as wrong in vim spellchecker
Related Questions in PASSWORDS
- Firefox vim mode, can't switch to normal mode in style editor
- How to skip a command in redo
- Vim errorformat multiline string
- How to let Vim tell the switching across several `gvim.exe` processes?
- match wordchar and/or dot string of anylength
- augment the number of lines on indent
- Barebones vim with `nocp`
- Moved .vimrc in a new dir, trying to get it to work
- Copying text from gvim editor to system clipboard works only once per session
- Temporarily declare a word as wrong in vim spellchecker
Related Questions in MD5
- Firefox vim mode, can't switch to normal mode in style editor
- How to skip a command in redo
- Vim errorformat multiline string
- How to let Vim tell the switching across several `gvim.exe` processes?
- match wordchar and/or dot string of anylength
- augment the number of lines on indent
- Barebones vim with `nocp`
- Moved .vimrc in a new dir, trying to get it to work
- Copying text from gvim editor to system clipboard works only once per session
- Temporarily declare a word as wrong in vim spellchecker
Related Questions in BRUTE-FORCE
- Firefox vim mode, can't switch to normal mode in style editor
- How to skip a command in redo
- Vim errorformat multiline string
- How to let Vim tell the switching across several `gvim.exe` processes?
- match wordchar and/or dot string of anylength
- augment the number of lines on indent
- Barebones vim with `nocp`
- Moved .vimrc in a new dir, trying to get it to work
- Copying text from gvim editor to system clipboard works only once per session
- Temporarily declare a word as wrong in vim spellchecker
Related Questions in RAINBOWATTACK
- Firefox vim mode, can't switch to normal mode in style editor
- How to skip a command in redo
- Vim errorformat multiline string
- How to let Vim tell the switching across several `gvim.exe` processes?
- match wordchar and/or dot string of anylength
- augment the number of lines on indent
- Barebones vim with `nocp`
- Moved .vimrc in a new dir, trying to get it to work
- Copying text from gvim editor to system clipboard works only once per session
- Temporarily declare a word as wrong in vim spellchecker
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
The output of MD5 is 16 bytes (128 bits). I suppose that you are talking about an hexadecimal representation, hence as 32 characters. Thus, "16 characters" means "64 bits". You are considering MD5 with its output truncated to 64 bits.
MD5 accepts inputs up to 264 bits in length; assuming that MD5 behaves as a random function, this means that the 218446744073709551616 possible input strings will map more or less uniformly among the 264 outputs, hence the average number of candidates for a given output is about 218446744073709551552, which is close to 105553023288523357112.95.
However, if you consider that you can find at least one candidate, then this means that the space of possible passwords that you consider is much reduced. A rainbow table is a special kind of precomputed table which accepts a compact representation (at the expense of a relatively expensive lookup procedure), but if it covers N passwords, then this means that, at some point, someone could apply the hash function N times. In practice, this severely limits the size N. Assuming N=260 (which means that the table builder had about one hundred NVidia GTX 580 GPU and could run them for six months; also, the table will use quite a lot of hard disks), then, on average, only 1/16th of 64-bit outputs have a matching password in the table. For those passwords which are in the table, there is a 93.75% probability that there is no other password in the table which leads to the same output; if you prefer, if you find a matching password, then you will find, on average, 0.0625 other candidates (i.e. most of the time, no other candidate).
In brief, the answer to your question depends on the size N of the space of possible passwords that you consider (those which were covered during rainbow table construction); but, in practice with Earth-based technology, if you can find one matching password for a 64-bit output, chances are that you will not be able to find another (although there are are really many others).