scispace - formally typeset
Search or ask a question
Topic

Rainbow table

About: Rainbow table is a research topic. Over the lifetime, 488 publications have been published within this topic receiving 11528 citations.


Papers
More filters
Patent
25 Nov 2013
TL;DR: In this paper, a list of methods, apparatus, systems, and articles of manufacture to manage password security is described, which includes an alarm action engine to invoke a provisional transmission block in response to detecting entry of a candidate password, a password linkage monitor to retrieve the list of password hash values associated with previously used passwords, and a comparison of the hash values to a hash of the candidate password.
Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to manage password security. An example apparatus includes an alarm action engine to invoke a provisional transmission block in response to detecting entry of a candidate password, a password linkage monitor to retrieve a list of password hash values associated with previously used passwords, and to compare the list of password hash values to a hash of the candidate password, the alarm action engine to invoke a permanent block of the candidate password when a match condition occurs between the hash of the candidate password and a hash of one of the list of password hash values.

21 citations

Posted Content
TL;DR: The execution time, code size and memory consumption of PBKDF2, bcrypt, scrypt, and the 22 PHC schemes are measured along with a benchmark analysis that is focused on the nine nalists and contributes to the nal selection of the winners.
Abstract: Password hashing is the common approach for maintaining users’ password-related information that is later used for authentication. A hash for each password is calculated and maintained at the service provider end. When a user logins the service, the hash of the given password is computed and contrasted with the stored hash. If the two hashes match, the authentication is successful. However, in many cases the passwords are just hashed by a cryptographic hash function or even stored in clear. These poor password protection practises have lead to efficient attacks that expose the users’ passwords. PBKDF2 is the only standardized construction for password hashing. Other widely used primitives are bcrypt and scrypt. The low variety of methods derive the international cryptographic community to conduct the Password Hashing Competition (PHC). The competition aims to identify new password hashing schemes suitable for widespread adoption. It started in 2013 with 22 active submissions. Nine finalists are announced during 2014. In 2015, a small portfolio of schemes will be proposed. This paper provides the first survey and benchmark analysis of the 22 proposals. All proposals are evaluated on the same platform over a common benchmark suite. We measure the execution time, code size and memory consumption of PBKDF2, bcrypt, scrypt, and the 22 PHC schemes. The first round results are summarized along with a benchmark analysis that is focused on the nine finalists and contributes to the final selection of the winners.

20 citations

Journal ArticleDOI
TL;DR: A new time-memory trade-off method is shown to be able to achieve up to a 50% reduction in terms of the storage requirement in comparison to the well-known rainbow table method, and to demonstrate a significant increase in the success rate of recovery when taking into consideration the effect of collisions.

20 citations

Patent
25 Jan 2013
TL;DR: In this paper, a flow engine identifies a flow to which a received data packet belongs, and applies a hash function to the flow key to generate a flow hash value and an entry hash value being orthogonal to each other.
Abstract: A security device performing flow classification and storing flow information in a flow table includes a flow engine generating a flow key identifying a flow to which a received data packet belongs, the flow engine applying a hash function to the flow key to generate a flow hash value and an entry hash value being orthogonal to each other. The security device includes a hash map and a flow data table. The hash map table is indexed by the flow hash value and an entry index value is derived from the entry hash value. The flow data table is indexed by the flow hash value and the entry index value to return at least a retrieved flow key from a flow record of an indexed entry.

20 citations

Proceedings ArticleDOI
Jega Anish Dev1
04 Nov 2013
TL;DR: This paper quantifies the advantage of using the CPU simultaneously with the GPU for hash cracking and describes how a potential attacker could come to possess capabilities of hash rates of at least greater than 11 times the rate of the world's fastest GPU cluster based MD5 brute forcing machine with no investment.
Abstract: Cryptographic Hash functions find ubiquitous use in various applications like digital signatures, message authentication codes and other forms of digital security. Their associated vulnerabilities therefore make them a prevalent target for cyber criminals. Cracking a hash involves brute force which is generally extremely time or computing power intensive. Recent times have seen usage of GPUs for brute forcing hashes thus significantly accelerating the rate of hash generation during brute force. This has further been extended to simultaneous usage of multiple GPUs over multiple machines or building GPU clusters having multiple GPUs on a single machine. Attackers use these methods to crack hashes within practical durations of time, to the tune of hours or days, depending on the strength of the password. This paper quantifies the advantage of using the CPU simultaneously with the GPU for hash cracking and describes how a potential attacker, with respect to the size of the botnet used, could come to possess capabilities of hash rates of at least greater than 11 times the rate of the world's fastest GPU cluster based MD5 brute forcing machine with no investment.

20 citations


Network Information
Related Topics (5)
Cryptography
37.3K papers, 854.5K citations
84% related
Encryption
98.3K papers, 1.4M citations
82% related
Public-key cryptography
27.2K papers, 547.7K citations
82% related
Authentication
74.7K papers, 867.1K citations
79% related
Key (cryptography)
60.1K papers, 659.3K citations
79% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
20215
20206
201911
201810
201729
201630