Rainbow table

About: Rainbow table is a research topic. Over the lifetime, 488 publications have been published within this topic receiving 11528 citations.

Protecting Secret Keys with Fuzzy Fingerprint Vault Based on a 3D Geometric Hash Table

Abstract: Biometrics-based user authentication has several advantages over traditional password-based systems for standalone authentication applications such as home networks This is also true for new authentication architectures known as crypto-biometricsystems, where cryptography and biometrics are merged to achieve high security and user convenience at the same time Recently, a cryptographic construct, called fuzzy vault, has been proposed for crypto-biometric systems In this paper, we propose an approach to provide both the automatic alignment of fingerprint data and higher security by using a 3D geometric hash table Based on the experimental results, we confirm that the proposed approach of using the 3D geometric hash table with the idea of the fuzzy vaultcan perform the fingerprint verification securely even with one thousand chaff data included

The cost of false alarms in Hellman and rainbow tradeoffs

Abstract: Cryptanalytic time memory tradeoff algorithms are generic one-way function inversion techniques that utilize pre-computation. Even though the online time complexity is known up to a small multiplicative factor for any tradeoff algorithm, false alarms pose a major obstacle in its accurate assessment. In this work, we study the expected pre-image size for an iteration of functions and use the result to analyze the cost incurred by false alarms. We are able to present the expected online time complexities for the Hellman tradeoff and the rainbow table method in a manner that takes false alarms into account. We also analyze the effects of the checkpoint method in reducing false alarm costs. The ability to accurately compute the online time complexities will allow one to choose their tradeoff parameters more optimally, before starting the expensive pre-computation process.

A common password method for protection of multiple accounts

Abstract: This paper proposes a common password method for users who need to protect multiple accounts using passwords. It requires a user to remember only one password, called a common password, to access any of his/her accounts. Each account is protected by a different password, called a specific password. It is generated by a one-way hash function of an account-specific random number that is stored at the account server or a proxy in an encryption form, where the encryption key is derived from the common password. Compared with a convenient but insecure practice of using one or several passwords to protect multiple accounts, the common password method is convenient and secure. It assures that compromising one specific password does not reveal the common password and any other specific password. A Web-based implementation for the common password method is also presented in this paper. It employs a Web server to store every user's account identifiers and encrypted random numbers, and to supply them to the user in a Web page that contains a password calculator written in JavaScript. The user can compute a specific password using a Web browser on his/her computer for any application that requires password authentication.

Fast, FPGA-based Rainbow Table creation for attacking encrypted mobile communications

Abstract: Encryption algorithms utilized in mobile communication systems have been under attack since their introduction, and many of these attacks have been successful in practical settings. One such example, A5/1 used in GSM, was attacked using “Rainbow Tables”, i.e. pre-computed tables that trade long offline computation and large storage for runtime efficiency when cracking the code. Traditionally, Rainbow Tables were used to reverse password hashes. Their application against A5/1 opened up a new domain of exploitation. In this paper, we present an FPGA-based architecture for the efficient creation of Rainbow Tables for the A5/3 block cipher that is used in 2nd and 3rd generation mobile communication systems. The overall goal is to extract the encryption key, provided we have a ciphertext block under a known plaintext attack. The presented architecture exploits the parallelism in the Rainbow Table creation process, and using a Virtext5 LX330T achieves speedups around 9x and 550x for one and 64 compute engines respectively. We show that due to the limited available memory in our experimental setup, our approach achieves high success rates for a key space reduced to 242. We then demonstrate how we can seamlessly extend the proposed architecture to efficiently create much larger Rainbow Tables for the full key-space.

System and method for password authentication for non-LDAP regions

Abstract: A system and method for allowing roaming of a subscriber and password authentication a non-LDAP region. A user signs onto a network access server which in turn connects to the regional LDAP RADIUS server. Password authentication occurs by hashing a transmitted password and comparing it to a clear text password from an LDAP database that has been hashed in the same manner as the transmitted password. When the subscriber is in a non-LDAP region, The password proceeds trough a proxy server to a regional RADIUS server which connects to a non-LDAP server. The non-LDAP server connects to and SMS database and retrieve the clear text password associated with the non-LDFSAP user, hashes it according the same method as the transmitted hashed password and formats the password for comparison in the regional RADIUS server. If the hashed passwords compare, the access is permitted.