# 🔐 Brute-Force Attack Simulation in Python


This notebook demonstrates how brute-force attacks work in cryptography using simple ciphers like Caesar Cipher and numeric PINs.
We also analyze the feasibility of brute-force attacks on modern cryptographic standards like AES.


In [None]:

def caesar_encrypt(plaintext, key):
    ciphertext = ''
    for char in plaintext:
        if char.isalpha():
            base = ord('A') if char.isupper() else ord('a')
            ciphertext += chr((ord(char) - base + key) % 26 + base)
        else:
            ciphertext += char
    return ciphertext

# Example
plaintext = "Hello World"
key = 3
ciphertext = caesar_encrypt(plaintext, key)
print("Encrypted Text:", ciphertext)


In [None]:

def brute_force_caesar(ciphertext):
    for key in range(26):
        decrypted = ''
        for char in ciphertext:
            if char.isalpha():
                base = ord('A') if char.isupper() else ord('a')
                decrypted += chr((ord(char) - base - key) % 26 + base)
            else:
                decrypted += char
        print(f"Key {key:2d}: {decrypted}")

# Try brute-force
brute_force_caesar(ciphertext)


In [None]:

def brute_force_pin(real_pin):
    attempts = 0
    for guess in range(10000):
        attempt = f"{guess:04d}"
        attempts += 1
        if attempt == real_pin:
            print(f"PIN cracked: {attempt} in {attempts} attempts")
            return

# Simulate pin cracking
brute_force_pin("3847")



## 🔐 AES Keyspace Size

AES-128 uses a 128-bit key. This means:

- **Possible keys** = 2^128 = ~3.4 × 10^38
- Brute-forcing AES with current technology is computationally infeasible.

If a computer could check **1 billion keys per second**, it would still take:

- **~10^22 years** to try all keys (far longer than the age of the universe).


In [None]:

import time

def simulate_brute_force_speed(key_space_size=100000, correct_key=78923):
    start_time = time.time()
    for guess in range(key_space_size):
        if guess == correct_key:
            break
    end_time = time.time()
    print(f"Time to crack key {correct_key}: {end_time - start_time:.6f} seconds")

simulate_brute_force_speed()



## 🧠 Summary

- Brute-force attacks are **simple but extremely inefficient** as key size increases.
- Small keyspaces (e.g., Caesar, PINs) can be cracked quickly.
- Large keyspaces (e.g., AES-128, AES-256) are secure against brute-force with current and foreseeable classical computing capabilities.

---

💡 Next Steps: Study **quantum computing threats** like **Grover's Algorithm**, which can reduce brute-force complexity to `√N`, making AES-128 have an effective security level of AES-64.



## 🧮 Brute-Force Attack Complexity

The time complexity of a brute-force attack is **O(N)** where `N` is the size of the keyspace. For a key of `k` bits:

- `N = 2^k`
- Time grows **exponentially** with key size.
- Security grows **linearly with the number of bits** added to the key.

For example:

- 32-bit key → 2^32 ≈ 4.3 billion keys
- 128-bit key → 2^128 ≈ 3.4 × 10^38 keys
- 256-bit key → 2^256 ≈ 1.15 × 10^77 keys


In [None]:
from math import log2

def entropy_analysis(bits):
    entropy = bits  # entropy in bits for uniformly distributed keys
    key_space = 2 ** bits
    print(f"Entropy: {entropy} bits")
    print(f"Key space size: 2^{bits} = {key_space:.3e}")
    print(f"Log2(key space): {log2(key_space):.1f} bits")

# AES-128 vs AES-256
entropy_analysis(128)
entropy_analysis(256)



## 🧪 Quantum Threat: Grover's Algorithm

Grover’s Algorithm allows a quantum computer to search an unstructured keyspace in **√N** time.

For brute-force attacks:

- Classical: `O(N)`
- Quantum: `O(√N)`

This means:

- AES-128 → effective security of 64 bits
- AES-256 → effective security of 128 bits

So, **AES-256 is preferred** in a post-quantum world.

However, **Grover's Algorithm still requires a fully functioning quantum computer with thousands of qubits**, which remains an engineering challenge.
