Fun math:
Let's assume a password is anywhere from 4 to 16 characters long, a-z0-9.
Total possible combinations:
Summation of (36^x), x = 16, go until x = 4 (including 4).
Yeah, I'm too lazy to figure out how to make a summation sign. And, I'm too lazy to look up the formula that would simplify that immensely.
The total number of space taken would thus be:
Number of possibilities * 16 bytes + length of each possibility.
(The sum of the length of every possibility could be found by:
Summation of x*(36^x), x goes from 16 to 4.
)
Great, now I get to punch it all into a calculator x.x.
Actually hrmm...
<?php
//Summation of (36^x), x = 16, go until x = 4 (including 4).
//Summation of x*(36^x), x goes from 16 to 4.
$sum = '0';
for($x = 16; $x >= 4; --$x) {
$sum = bcadd($sum, bcpow(36, $x));
}
echo "There are {$sum} total combinations possible.\n";
$sum2 = '0';
for($x = 16; $x >= 4; --$x) {
$sum2 = bcadd($sum2, bcmul($x, bcpow(36, $x)));
}
echo "{$sum2} bytes would be required to store the start text.\n\n";
echo "Total: " . bcadd(bcmul(16, $sum), $sum2) . " bytes.";
261719758492310867939371008 bytes! Yeah!
About 232453841502 petabytes.
Now that I think about it, that sounds too high.... I did that math correctly, yes?
Hrmmm... If the min length was 1, the max length was 2 and "a", "b", and "c" were the choices....
a
b
c
aa
ab
ac
ba
bb
bc
ca
cb
cc
12 choices... (I should probably actually do 3 as the max length before I conclude anything, but I'm tired.)
3^x, x goes from 1,2
3 + 9. 12? Hrmmm.... So I guess my math is right unless one of y'all sees an issue with it.
So... at MadTechie's rate of 187.74 pounds per 2TB, that would cost about: 22344132712235679 pounds.
I feel like my math must have gone wrong somewhere....
Hrmmm now to wait for someone to correct my crazy-ass math.
Edit: Oh wow.... I'm a dumb ass who should sleep... I just thought about y'all's posts and realized a major thing I missed. MD5 has a static hash length...
So the maximum number of MD5 hashes ever possible is 2^128.
Oh wait.... 340282366920938463463374607431768211456 is larger than the total number of possible hashes that would exist.
Also, for the function md5(x), with output y, just because md5(x) is limited to z outputs does not mean anything in regards to the number of collisions.
Therefore, just because there are c possible inputs does not mean that there is a certain number of variables such that the md5() of the variable is equal to md5(x).
(Hopefully that made sense.... What I'm saying is, if the number of possible hashes was smaller than the number of possible passwords, that still does not mean that a collision exists for that particular password. Also, nothing would insure that a collision would exist that met the same requirements. In fact, I would expect that to be VERY unlikely.)
