This thread will not die pending all permutation are tried.Not true. Let's kill it now. [Begin a rant]
A 'cracker' may have either a few specific targets or a wide range of potential victims. That can make a difference. But the hardware makes a big, big, and more big difference. Three orders of magnitude.
When specific targets, even just one, are /is the goal, special methods are used.
The 'cracker will use a modified computer to 'snoop' the network connection. This could mean a physical intrusion into the facility.
So it is unlawful.The modified PC will search for patterns in the encrypted stream. A database is made of instances whee the same pattern is found. Later the patterns are used off-line to crack passwords.
Even the entire text. Using a very powerful modified PC the encryption is eventually cracked. Once that is done, the passwords used on that part of the LAN will be visible to the snooper.
No generation of sequences are needed, other than what is done internally by the ***** *** ***** anti-encryption engine. The process is many. many times faster than 'brute force' use of an almost endless set of permutations that would take months. Using ***** *** ***** anti-encryption hardware, a bunch of passwords can be found in a matter of days or hours.
Look at this headlineiOS Encryption Is So Good, Not Even the NSA Can Hack It - Gizmodo
Really? - What about this:
http://www.geek.com/apple/apples-ios-4-hardware-encryption-has-been-cracked-1382719/Or this:
http://www.schneier.com/blog/archives/2011/05/apples_ios_4_ha.html
May 27, 2011
Apple's iOS 4 Hardware Encryption Cracked
All I know is what's in these two blog posts from Elcomsoft. Note that they didn't break AES-256; they figured out how to extract the keys from the hardware (iPhones, iPads). The company "will be releasing the product implementing this functionality for the exclusive use of law enforcement, forensic and intelligence agencies."
The point is that when you crack the encryption, ALL passwords become your booty whenever a user has one of the popular encryption methods on his PC or mobile device. Scary. No need to guess.
Just peek. [/End of rant]