Rainbow table

About: Rainbow table is a research topic. Over the lifetime, 488 publications have been published within this topic receiving 11528 citations.

An efficient password authentication scheme based on a unit circle

Abstract: In this paper, a password authentication scheme based on a unit circle encoding is proposed. In our scheme, a one-way function and a cryptographic operation such as DES (data encryption standard) are adopted. Besides, in our scheme, the system only need to store a master secret key, and each user can select his own password freely. Instead of storing a password verification table inside the computer system, our method only has to store a corresponding table of identities, which is used by the computer system for validating the submitted passwords. Owing to this scheme the system can quickly and efficiently respond to any log-in attempt, and is suitable for real-time applications. Furthermore, in our scheme, the system does not need to reconstruct any term of the existing key table, when a new user is inserted into the system. Thus, our scheme is suitable for practical implementation.

Research on Extracting System Logged-In Password Forensically from Windows Memory Image File

Abstract: Forensics analysis of physical memory is a key point in computer living forensics. Most of the research carried out focusing on enumerating processes and threads by accessing memory resident objects. However, collecting case sensitive information from the extracted memory content is import and difficult in computer forensics. Password plaintext is one of the most concerning sensitive information to an investigator. The traditional methods to extract system logged in password plaintext mainly rely on cracker tools, whose success rate depend on the password complexity. The important contribution of the paper is a new technique for extracting system logged-in password plaintext from physical memory. It allows extracting arbitrary length system logged-in password plaintext. The proposed method can extract system logged-in password plaintext of Windows XP and Windows 7.

Password recovery on challenge and response: impossible differential attack on hash function

Abstract: We propose practical password recovery attacks against two challenge-response authentication protocols using MD4. When a response is computed as MD4(Password||Challenge), passwords up to 12 characters are practically recovered. To recover up to 8 characters, we need 16 times the amount of eavesdropping and 16 times the number of queries, and the off-line complexity is less than 235 MD4 computations. To recover up to 12 characters, we need 210 times the amount of eavesdropping and 210 times the number of queries, and the off-line complexity is less than 240 MD4 computations.When a response is computed as MD4(Password||Challenge||Password), passwords up to 8 characters are practically recovered by 28 times the amount of eavesdropping and 28 times the number of queries, and the off-line complexity is less than 239 MD4 computations. Our approach is similar to the "Impossible differential attack", which was originally proposed for recovering the block cipher key. Good impossible differentials for hash functions are achieved by using local collision. This indicates that the presence of one practical local collision can damage the security of protocols.

A Probabilistic Approach for Authenticating Text or Graphical Passwords Using Back Propagation

Abstract: Password authentication is a common approach to the system security and it is also a very important procedure to gain access to user resources. In the conventional password authentication methods a server has to authenticate the legitimate user. In our proposed method users can freely choose their passwords from a defined character set or they can use a graphical image as password and that input will be normalized. Neural networks have been used recently for password authentication in order to overcome pitfall of traditional password authentication methods. In this paper we proposed a method for password authentication using alphanumeric password and graphical password. We used Back Propagation algorithm for both alphanumeric (Text) and graphical password by which the level of security can be enhanced. This paper along with test results show that converting user password in to Probabilistic values enhances the security of the system