Rule 3: Exhaustive search fails

• If the defender is really good

  • almost any search fails

• Almost all defenders are NOT really good

  • directed search is a viable alternative
  • an ordered search of the key space
  • the order of the search is based on the users
    • obvious guesses - names, UIDs, forward, backward, etc.
    • different languages => different guesses
    • lowest information content first
    • dictionaries
  • key space exhaustion is sometimes feasible

Previous slide

Next slide

Back to first slide

View graphic version