Showing papers on "Rainbow table published in 2020"
TL;DR: In this paper, the authors proposed a confident hash algorithm that has characteristics that enable it to succeed in the field of digital authentication and data integrity and the experimental results demonstrate its high resistance to hackers while maintaining a suitable duration.
Abstract: MD5 is a one-way cryptographic function used in various fields for maintaining data integrity. The application of a Hash function can provide much protection and privacy and subsequently reduce data usage. Most users are familiar with validating electronic documents based on a Hash function, such as the MD5 algorithm and other hash functions, to demonstrate the data integrity. There are many weaknesses of the current MD5 algorithm, mainly its failures and weaknesses against varying types of attacks, such as brute force attacks, rainbow table attacks, and Christmas attacks. Therefore, the method proposed in this paper enhances the MD5 algorithm by adding a dynamic variable length and a high efficiency that simulates the highest security available. Whereas the logistic system was used to encode ribonucleic acid (RNA) by generating a random matrix based on a new key that was created using the initial permutation (IP) tables used in the data encryption stander (DES) with the linear-feedback shift register (LFSR), this work proposes several structures to improve the MD5 hash function. The experimental results demonstrate its high resistance to hackers while maintaining a suitable duration. This paper discusses the design of a confident hash algorithm. This algorithm has characteristics that enable it to succeed in the field of digital authentication and data integrity.
23 citations
01 Jul 2020
TL;DR: This paper demonstrates how the random generation of salt is dependent on passwords and how hash values are dependent on salt.
Abstract: Passwords are barriers that protect unauthorized users from accessing personal information in any application. Protecting passwords is one of the challenging tasks in today's world. Currently, a combination of Username/Password used for authentication for a large number of applications. Malicious users might try to steal/misuse the user's data for unethical purposes. To prevent passwords from stealing, developers prefer to use one-way hash functions. One-way hash functions are theoretically irreversible functions that take as an input variable size text and output fixed-sized text. In reality, hash functions are not collision-resistant. Therefore it is recommended to use passwords and randomly generated text called salt to generate hash values and prevent rainbow tables and dictionary attacks. Passwords are hashed at the client-side and sent across the public channel/network. A salt is a randomly generated alphanumeric text used to concatenate with a password to generate a random hash value. This paper demonstrates how the random generation of salt is dependent on passwords and how hash values are dependent on salt. Further, analysis of the behaviour of passwords and hash values using various tools like Wireshark, Ettercap, and Hydra are presented in the paper.
7 citations
01 Jan 2020
TL;DR: This paper represents a new approach to rainbow tables, a method of password recovery that was originally developed by Martin E. Hellman and then improved by P. Oechslin, and significantly increases common efficiency in memory and successful "human-like" passwords recovery probability.
Abstract: This paper represents a new approach to rainbow tables, a method of password recovery that was originally developed by Martin E. Hellman and then improved by P. Oechslin, so most of its implementations use Oechslin’s modification. An improvement represented in this work mostly lies in the reduction function, which uses character statistics to generate more "human-like" passwords. Though it generates passwords 5 to 10 times slower than reduction function, which uses direct dependency between hash bytes and the inserted characters, it significantly increases common efficiency in memory (8 to 30 times less memory needed to store these tables) and successful "human-like" passwords recovery probability, while these tables are generated by the same time as tables with the use of "random" reduction function.
2 citations
Journal Article•
TL;DR: It is concluded that the rainbow table method helps to eliminate all the disadvantages that exist in the pre-calculated hash chains and the method of rainbow tables.
Abstract: This article explores the attack on the MD5 hash function using pre-calculated hash chains, as well as the rainbow table method. The content of the article includes: the operation of the MD5 hash function, the determination of the calculated hash chains, the attack on the MD5 hash function by the method of the calculated hash chains, as well as the definition and study of rainbow tables. A hash function is a function that converts an array of input data of arbitrary length to an output bit sequence of fixed length, and is performed using a specific algorithm. The main vector of attack on hash functions is the search for collisions. A collision is the equality of two output values of hash functions for different input data. in this article, two methods are used to investigate the attack on hash functions: the method of pre-calculated hash chains and the method of rainbow tables. it is concluded that the rainbow table method helps to eliminate all the disadvantages that exist in the pre-calculated hash chains. where a single collision causes the rest of the chain to be corrupted. Thus, the longer the chain, the more damage is obtained from collisions. In rainbow tables, these situations are almost reduced to 0.
28 Oct 2020
TL;DR: Wang et al. as discussed by the authors presented an efficient way of recovering the intermediate key by using rainbow table attack, which can be directly applied to decrypt the Excel document, which greatly improves decryption efficiency of encrypted documents compared with the current dictionary and brute force attack methods of recovering document password.
Abstract: In this paper, we give a fast decryption method of Excel document encrypted by RC4 algorithm. Through a detailed analysis of document storage structure and encryption process, we illustrate the inner principle of key generation and data encryption in the block by block manner. We present an efficient way of recovering the intermediate key by using rainbow table attack, which can be directly applied to decrypt the Excel document. The advantage of our method is that the decryption time of one document is no longer affected by the password length and complexity. In our practical test, it has achieved the decryption of Excel encrypted documents in an average of 3 minutes on a common personal computer, which greatly improves decryption efficiency of encrypted documents compared with the current dictionary and brute force attack methods of recovering document password.
Patent•
31 Mar 2020
TL;DR: In this paper, the authors propose a two-factor authentication model, where the user login credentials are not recognized when not used on a device authorized to use those credentials, and the protection of confidential information becomes complete and the leakage or theft of data such as usernames and passwords becomes less critical.
Abstract: Methods and systems provide network security by associating login credentials with a specific end-point. By doing so, valid user login credentials are not recognized when not used on a device authorized to use those credentials. By creating that association in a secure manner, the protection of confidential information becomes more complete and the leakage or theft of data such as usernames and passwords becomes less critical. Additionally, creating this hard association makes hacking tools such as password crackers and rainbow tables significantly less effective since the possession of a valid username/password is no longer sufficient for bad actors to access assets using this two-factor authentication model.