Rainbow table

About: Rainbow table is a research topic. Over the lifetime, 488 publications have been published within this topic receiving 11528 citations.

A Comparison of Cryptanalytic Tradeoff Algorithms

Abstract: Three time-memory tradeoff algorithms are compared in this paper. Specifically, the classical tradeoff algorithm by Hellman, the distinguished point tradeoff method, and the rainbow table method, in their non-perfect table versions, are treated. We show that, under parameters and assumptions that are typically considered in theoretic discussions of the tradeoff algorithms, the Hellman and distinguished point tradeoffs perform very close to each other and the rainbow table method performs somewhat better than the other two algorithms. Our method of comparison can easily be applied to other situations, where the conclusions could be different. The analysis of tradeoff efficiency presented in this paper does not ignore the effects of false alarms and also covers techniques for reducing storage, such as ending point truncations and index tables. Our comparison of algorithms fully takes into account success probabilities and precomputation efforts.

Proofs for two-server password authentication

Abstract: Traditional password-based authentication and key-ex-change protocols suffer from the simple fact that a single server stores the sensitive user password. In practice, when such a server is compromised, a large number of user passwords, (usually password hashes) are exposed at once. A natural solution involves splitting password between two or more servers. This work formally models the basic security requirement for two-server password authentication protocols, and in this framework provides concrete security proofs for two protocols. The first protocol considered [7] appeared at USENIX'03, but contained no security proof. For this protocol, we provide a concrete reduction to the computational Diffie-Hellman problem in the random oracle model. Next we present a second protocol, based on the same hard problem, but which is simpler, and has an easier, tighter reduction proof.

CASH: A Cost Asymmetric Secure Hash Algorithm for Optimal Password Protection

Abstract: An adversary who has obtained the cryptographic hash of a user's password can mount an offline attack to crack the password by comparing this hash value with the cryptographic hashes of likely password guesses This offline attacker is limited only by the resources he is willing to invest to crack the password Key-stretching techniques like hash iteration and memory hard functions have been proposed to mitigate the threat of offline attacks by making each password guess more expensive for the adversary to verify However, these techniques also increase costs for a legitimate authentication server We introduce a novel Stackelberg game model which captures the essential elements of this interaction between a defender and an offline attacker In the game the defender first commits to a key-stretching mechanism, and the offline attacker responds in a manner that optimizes his utility (expected reward minus expected guessing costs) We then introduce Cost Asymmetric Secure Hash (CASH), a randomized key-stretching mechanism that minimizes the fraction of passwords that would be cracked by a rational offline attacker without increasing amortized authentication costs for the legitimate authentication server CASH is motivated by the observation that the legitimate authentication server will typically run the authentication procedure to verify a correct password, while an offline adversary will typically use incorrect password guesses By using randomization we can ensure that the amortized cost of running CASH to verify a correct password guess is significantly smaller than the cost of rejecting an incorrect password Using our Stackelberg game framework we can quantify the quality of the underlying CASH running time distribution in terms of the fraction of passwords that a rational offline adversary would crack We provide an efficient algorithm to compute high quality CASH distributions for the defender Finally, we analyze CASH using empirical data from two large scale password frequency datasets Our analysis shows that CASH can significantly reduce (up to 50%) the fraction of password cracked by a rational offline adversary

User policy manageable strength-based password aging

Abstract: Password aging based on the strength of the password provides an incentive for users to generate and/or memorize more complex passwords. The strength of the password is computed from a formula that relates the length of the password and the types of characters contained in the password to a strength value, which can be performed using a lookup table having values for different characteristics of the password, determining partial strength values corresponding to the ranges in which the characteristics fall, and then adding the partial strength values. Alternatively, a separate password strength application may be used to provide the strength value, which is entered by the user or administrator generating a new password. Alternatively, the password may be generated based on a specified desired expiration period, with the strength computation performed to ensure that the strength is sufficient to merit the desired expiration period.