Rainbow table

About: Rainbow table is a research topic. Over the lifetime, 488 publications have been published within this topic receiving 11528 citations.

Spark platform-based password hash value recovery method and device

Abstract: The invention discloses a Spark platform-based password hash value recovery method and device. The design method includes a rainbow table data generation step and a rainbow table decryption step. According to the method, the first-of-chain node value of each rainbow chain is recorded as an SV (Start Value), and the last-of-chain node value of each rainbow chain is recorded as an EV (End Value); based on the processing capability of the Spark platform for large-scale data, a map function is utilized to effectively calculate EV corresponding to SV, so that rainbow chains can be generated, and are stored in an HDFS (Hadoop distributed file system), and rainbow table data generation is completed; and a filter function is utilized to find all SV corresponding to a ciphertext to be decrypted, and a foreach function is called to generate complete rainbow chains according to each SV, and the ciphertext can be decrypted.

Enhanced Virtual Password Authentication Scheme Resistant to Shoulder Surfing

Abstract: A username and password based login mechanism is commonly used for authenticating a user in online environments. It is a popular scheme because it helps to balance the usability and security traits of the system. However, online environments and pervasive computing may bring many risks through adversaries. Shoulder-surfing attack is one of the risks where attacker observes the authentication process and captures the password of victims. This paper proposes a hybrid-based authentication scheme termed "Enhanced Virtual Password Authentication (EVPA)". EVPA is designed to implement a virtual password mechanism to resist the shoulder surfing attacks. The virtual password mechanism requires a string part of password and a mathematical functional value to secure user passwords. The mathematical functional value keeps changing for each login session. This method uses a system generated random value and secret mathematical operation against the pre-selected secret number to obtain a mathematical functional value. Several experiments were conducted and the results demonstrate that systems are resilient to password attacks and usable for day to day purposes.

Heterogeneous Rainbow Table Widths Provide Faster Cryptanalyses

Abstract: Cryptanalytic time-memory trade-offs are techniques introduced by Hellman in 1980 to speed up exhaustive searches. Oechslin improved the original version with the introduction of rainbow tables in 2003. It is worth noting that this variant is nowadays used world-wide by security experts, notably to break passwords, and a key assumption is that rainbow tables are of equal width. We demonstrate in this paper that rainbow tables are underexploited due to this assumption never being challenged. We stress that the optimal width of each rainbow table should be individually -- although not independently -- calculated. So it goes for the memory allocated to each table. We also stress that visiting sequentially the rainbow tables is no longer optimal when considering tables with heterogeneous widths. We provide an algorithm to calculate the optimal configuration and a decision function to visit the tables. Our technique performs very well: it makes any TMTO based on rainbow tables 40% faster than its classical version.