scispace - formally typeset
Search or ask a question
Topic

Rainbow table

About: Rainbow table is a research topic. Over the lifetime, 488 publications have been published within this topic receiving 11528 citations.


Papers
More filters
Book ChapterDOI
29 Jun 2015
TL;DR: A 25-gigabyte "point obfuscation" challenge using security parameter 60 was announced at the Crypto 2014 rump session; point obfuscation is another name for password hashing as mentioned in this paper.
Abstract: A 25-gigabyte “point obfuscation” challenge “using security parameter 60” was announced at the Crypto 2014 rump session; “point obfuscation” is another name for password hashing. This paper shows that the particular matrix-multiplication hash function used in the challenge is much less secure than previous password-hashing functions are believed to be. This paper’s attack algorithm broke the challenge in just 19 minutes using a cluster of 21 PCs.

14 citations

Posted Content
TL;DR: This paper adds the perfect table versions of the distinguished point method and the rainbow table method to the list of major tradeoff algorithms, and obtains a closed-form formula for the average length of chains associated with a perfect distinguished point table.
Abstract: The performances of three major time memory tradeoff algorithms were compared in a recent paper. The algorithms considered there were the classical Hellman tradeoff and the non-perfect table versions of the distinguished point method and the rainbow table method. This paper adds the perfect table versions of the distinguished point method and the rainbow table method to the list, so that all the major tradeoff algorithms may now be compared against each other. Even though there are existing claims as to the superiority of one tradeoff algorithm over another algorithm, the algorithm performance comparisons provided by the current work and the recent preceding paper are of more practical value. Comparisons that take both the cost of pre-computation and the efficiency of the online phase into account, at parameters that achieve a common success rate, can now be carried out with ease. Comparisons can be based on the expected execution complexities rather than the worst case complexities, and details such as the effects of false alarms and various storage optimization techniques need no longer be ignored. A significant portion of this paper is allocated to accurately analyzing the execution behavior of the perfect table distinguished point method. In particular, we obtain a closed-form formula for the average length of chains associated with a perfect distinguished point table.

14 citations

Journal ArticleDOI
TL;DR: The proposed scheme is useful in solving the security problems that occurred in systems using the password table and verification table and allows each user to select a username and password of his/her choice.
Abstract: Information security has been a critical issue in the field of information systems. One of the key factors in the security of a computer system is how to identify the authorization of users. Password-based user authentication is widely used to authenticate a legitimate user in the current system. In conventional password-based user authentication schemes, a system has to maintain a password table or verification table which stores the information of users’ IDs and passwords. Although the one-way hash functions and encryption algorithms are applied to prevent the passwords from being disclosed, the password table or verification table is still vulnerable. In order to solve this problem, in this paper, we apply the technique of back-propagation network instead of the functions of the password table and verification table. Our proposed scheme is useful in solving the security problems that occurred in systems using the password table and verification table. Furthermore, our scheme also allows each user to select a username and password of his/her choice.

13 citations

Posted Content
TL;DR: Time-Memory tradeoff by Hellman may be extended to Time-Memory-Key tradeoff thus allowing attacks much faster than exhaustive search for ciphers for which typically it is stated that no such attack exists.
Abstract: In this paper we show that Time-Memory tradeoff by Hellman may be extended to Time-Memory-Key tradeoff thus allowing attacks much faster than exhaustive search for ciphers for which typically it is stated that no such attack exists. For example, as a result AES with 128-bit key has only 85-bit security if 2 encryptions of an arbitrary fixed text under different keys are available to the attacker. Such attacks are generic and are more practical than some recent high complexity chosen related-key attacks on round-reduced versions of AES. They constitute a practical threat for any cipher with 80-bit or shorter keys and are marginally practical for 128-bit key ciphers. We also show that UNIX password scheme even with carefully generated passwords is vulnerable to practical tradeoff attacks. Finally we also demonstrate a combination of rainbow tables with the time-memory-data tradeoff which results in a new tradeoff curve.

13 citations

Book ChapterDOI
01 Jan 2018
TL;DR: The goal of this chapter is to highlight the current state of password cracking techniques, as well as discuss some of the cutting edge approaches that may become more prevalent in the near future.
Abstract: At its heart, a password cracking attack is a modeling problem. An attacker makes guesses about a user’s password until they guess correctly or they give up. While the defender may limit the number of guesses an attacker is allowed, a password’s strength often depends on how hard it is for an attacker to model and reproduce the way in which a user created their password. If humans were effective at practicing unique habits or generating and remembering random values, cracking passwords would be a near impossible task. That is not the case, though. A vast majority of people still follow common patterns, from capitalizing the first letter of their password to putting numbers at the end. While people have remained mostly the same, the password security field has undergone major changes in an ongoing arms race between the attackers and defenders. The goal of this chapter is to highlight the current state of password cracking techniques, as well as discuss some of the cutting edge approaches that may become more prevalent in the near future.

13 citations


Network Information
Related Topics (5)
Cryptography
37.3K papers, 854.5K citations
84% related
Encryption
98.3K papers, 1.4M citations
82% related
Public-key cryptography
27.2K papers, 547.7K citations
82% related
Authentication
74.7K papers, 867.1K citations
79% related
Key (cryptography)
60.1K papers, 659.3K citations
79% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
20215
20206
201911
201810
201729
201630