Rainbow table

About: Rainbow table is a research topic. Over the lifetime, 488 publications have been published within this topic receiving 11528 citations.

A New Self-Updating Hash Chain Structure Scheme

Abstract: Self-Updating Hash Chain can be used extensively in many fields, such as one time password(OTP), signatures and authentication etc. In this paper, we propose a new self-updating hash chain based linear partition-combination algorithm (LPCA), which can share data into m parts and any part can’ t leak any information of data s. At a each exchange process, one part of s is transferred. When servers receive k(k≪m parts of s, servers can reconstruct s, the root of a new hash chain is created. Analysis are given to illustrate the Structure Scheme is secure and efficient.

Password recovery attack on authentication protocol MD4(Password||Challenge)

Abstract: Several widely used hash functions such as MD4 and MD5 have been proven to be insecure. As a result, it was announced that the security of APOP, which is a hash based challenge and response authentication protocol, is totally broken. Several candidates of strengthened APOP are considered. This paper deals with one of these candidates, which is described as Hash(Password||Challenge) whereas previous APOP is done as Hash(Challenge||Password). Actually, Hash(P||C) is already used in other protocols such as CHAP.The main contribution of this paper is the proposal of a password recovery attack on MD4(P||C). Let l be the length of password. If l ≤ 16, the whole password will be recovered with 237 online queries and 221 offline MD4 computations. If 16

Low overhead method to detect new connection rate for network traffic

Abstract: A system and method for detecting new connection rates for network traffic that employs a set of tables and a hash function. Information identifying a connection is hashed to a hash value using the hash function. Each hash value identifies a location in a first table and a second table. The hash values for the connections detected during a predetermined time period are stored in the first table. The hash values for the connections detected during the predetermined time period preceding the current time period are stored in the second table. As the hash values are stored in the first table, they are compared to the hash values stored in the second table to identify new connections. The new connections are accumulated. The second table is then cleared, and the hash values for the detected connections in the next time period are stored in the second table.

User name password authentication method implemented on basis of public key algorithm

Abstract: The invention discloses a user name password authentication method implemented on the basis of a public key algorithm. According to the user name password authentication method, the public key algorithm is introduced in the authenticating process; the authentication is implemented by using the public key algorithm; a user password is not directly used for authenticating, but is used for protecting a private key of a user. According to the invention, on the premise of not increasing the authentication difficulty of the user, safety of a user name password authentication mode is improved and a rainbow table attack can be effectively resisted.

Password update device and recording medium

Abstract: PROBLEM TO BE SOLVED: To prevent a damage by a theft, of a password on a network by automatically updating the password without giving a user an extra labor. SOLUTION: A user inputs the only and an absolute password that is the only, absolute one and stores the in an absolute password storage part 21. If it is an update period of time which an update monitoring part 23a monitors when there is a connection demand from a connection demand part 27 to a Web server, a password operation part 23b is stored in a randomization parameter storage part 22, a new password is generated from the absolute password stored in the absolute password storage part 21 by using a randomization parameter selected by a parameter selection part 23c and a new password storage part 25 is made to store it. Then, an update demand part 26 transmits the current password stored in a password history file 24 and a new password stored in a new password storage part 25 is transmitted to the Web server and update of the password is demanded.