Rainbow table

About: Rainbow table is a research topic. Over the lifetime, 488 publications have been published within this topic receiving 11528 citations.

System and method for password validation

Abstract: A method and system for password validation. A user identifier (ID) and a user keying password are received from a user in conjunction with reception of a request from the user to obtain access to an application. The user keying password is a sequence of characters including at least one character from a first set of characters and at least one character from a second set of characters. The first set of characters are text characters allowed for defining a user password. The second set of characters are keying characters not allowed for defining a user password. It is determined whether the received user keying password matches a keying password reference. The keying password reference is based on a password definition rule.

On password-based authenticated key exchange using collisionful hash functions

Abstract: This paper presents an attack on Anderson and Lomas's proposed password-based authenticated key exchange protocol that uses collisionful hash functions The weaknesses of the protocol when an old session key is compromised are studied and alternative solutions are given

Private access to hash tables

Abstract: A server and a client mutually exclusively execute server-side and client-side commutative cryptographic processes and server-side and client-side commutative permutation processes. The server has access to a hash table, while the client does not. The server and client perform a method including: encrypting and reordering the hash table using the server; communicating the encrypted and reordered hash table to the client; further encrypting and further reordering the hash table using the client; communicating the further encrypted and further reordered hash table back to the server; and partially decrypting and partially undoing the reordering using the server to generate a double-blind hash table. To read an entry, the client hashes and permute an index key and communicates same to the server which retrieves an item from the double-blind hash table using the hashed and permuted index key and sends it back to the client which decrypts the retrieved item.

Application of LFSRs in time/memory trade-off cryptanalysis

Abstract: Time/memory trade-off (TMTO) attacks require the generation of a sequence of functions which are obtained as minor modifications of a one-way function to be inverted. We carefully examine the requirements for such function generation. A counter based method is used to generate the functions for the rainbow method. We show that there are functions for which the counter method fails. This is similar to the example given by Fiat and Naor for the Hellman TMTO. Our main contribution is to suggest the use of LFSR sequences for function generation to be used in the rainbow TMTO. Properties of LFSR sequences such as long period, pseudorandomness properties and efficient forward and backward generation make such sequences useful for the intended application. One specific advantage is that it is not possible to a priori construct a Fiat-Naor type example for the LFSR based rainbow method.

Method and apparatus for authenticating a password

Abstract: A password formed of several fields ( 101 - 105 ) is presentable in a series of instances ( 100, 110, 120, 130 ). The fields include at least one of (a) a static field ( 105 ) that does not change upon each instance of the password and (b) a dynamic field ( 101, 102 ) that changes with each instance of the password based upon extrinsic data. Further, there is a “hysteresis” field (or a “dynamic field with history”, 103, 104 ) which contains data that is a function of a preceding instance of the password. When a current presented instance ( 110 ) of the password is input/received, a comparison operation is performed in which the hysteresis field ( 113, 114 ) of the current presented instance of the password is compared using data retained since a prior instance of authentication of the password ( 101, 102 ).