Rainbow table

About: Rainbow table is a research topic. Over the lifetime, 488 publications have been published within this topic receiving 11528 citations.

High performance password cracking by implementing rainbow tables on nVidia graphics cards (IseCrack)

Abstract: IseCrack is a high performance implementation of rainbow tables on nVidia graphics cards (GPUs). It explores the limits of current technology in password cracking, and demonstrates the vulnerability of non-salted passwords to high speed GPU-accelerated attacks, using commercial off the shelf hardware. Passwords are by far the most common authentication method for users, and many users utilize the same password in multiple places. Many systems, including all current Microsoft operating systems, utilize non-salted passwords. If these passwords are vulnerable to attack, a user's encrypted files and online accounts can be accessed. IseCrack demonstrates that very high speed attacks against non-salted hashes are feasible, and highlights the necessity for salted password stores. IseCrack achieves a 100x speedup over existing implementations on inexpensive easily available hardware, and is designed to scale to large clusters.

A provably secure and efficient two-party password-based explicit authenticated key exchange protocol resistance to password guessing attacks

Abstract: Password-based two-party authenticated key exchange 2PAKE protocol enables two or more entities, who only share a low-entropy password between them, to authenticate each other and establish a high-entropy secret session key. Recently, Zheng et al. proposed a password-based 2PAKE protocol based on bilinear pairings and claimed that their protocol is secure against the known security attacks. However, in this paper, we indicate that the protocol of Zheng et al. is insecure against the off-line password guessing attack, which is a serious threat to such protocols. Consequently, we show that an attacker who obtained the users' password by applying the off-line password guessing attack can easily obtain the secret session key. In addition, the protocol of Zheng et al. does not provide the forward secrecy of the session key. As a remedy, we also improve the protocol of Zheng et al. and prove the security of our enhanced protocol in the random oracle model. The simulation result shows that the execution time of our 2PAKE protocol is less compared with other existing protocols. Copyright © 2015 John Wiley & Sons, Ltd.

Analysis of the Non-perfect Table Fuzzy Rainbow Tradeoff

Abstract: Time memory tradeoff algorithms are tools for inverting one-way functions, and they are often used to recover passwords from unsalted password hashes. There are many publicly known tradeoff algorithms, and the rainbow tradeoff is widely believed to be the best algorithm. This work provides an accurate complexity analysis of the non-perfect table version of the fuzzy rainbow tradeoff algorithm, which has not yet received much attention. It is shown that, when the pre-computation cost and the online efficiency are both taken into consideration, the non-perfect fuzzy rainbow tradeoff is preferable to the original rainbow tradeoff in many situations.

Statistical Optimal Hash-based Longest Prefix Match

Abstract: Longest Prefix Match (LPM) is a basic and important function for current network devices. Hash-based approaches appear to be excellent candidate solutions for LPM with the capability of fast lookup speed and low latency. The number of hash table probes, i.e. the search path of a hash-based LPM algorithm, directly determines the lookup performance. In this paper, we propose Ω-LPM to improve the lookup performance by optimizing the search path of the hash-based LPM. Ω-LPM first reconstructs the forwarding table to support random search [19], then it applies a dynamic programming algorithm to find the shortest search path based on the statistics of the matching probabilities. Ω-LPM concretely reduces the number of hash table probes via searching most of the packets in optimal search paths. Even in the worst case, the upper bound of the average search path of Ω-LPM is 1 + log2(N), here N is the length of the longest prefix in the routing table. The case studies of the name lookup in Named Data Networking and the IP lookup in current Internet demonstrate that Ω-LPM can shorten 61.04% and 86.88% search paths compared with the basic hash-based methods of name lookup [22] and IP lookup [12], respectively, furthermore Ω-LPM reduces 32.3% probes of the name lookup and 73.55% probes of the IP lookup compared with the optimal linear search. The experimental results conducted on extensional name tables and IP tables also show that Ω-LPM has both low memory overhead and excellent scalability.