petro wrote:
Of course, a *simple* substitution of one word (or even spaces) would make this *much* harder.
"Friends, Romulans, fellow countrymen, lend me your beers..."
not likely. crack has been guessing simple substitutions for years.
Crack has been guessing "simple" substitutions at the character level.
your point? it's trivial to change the rules from "try replacing o with 0 (zero)" to using a phonetics dictionary on a whole word. pattern matching is likewise so trivial that I've used it in online games for nothing more important than fixing typos of players.
It gets a bit unwieldy and time consuming when running brute force attack against a 50 or 60 character string.
yes, but you *still* reduce the key space by several orders of magnitude, or rather: reorder it in your favor (I assume that when you failed with all substitions, you'll go "real" brute force, skipping what you already tried).