Rainbow table

About: Rainbow table is a research topic. Over the lifetime, 488 publications have been published within this topic receiving 11528 citations.

Cryptanalysis of An Advanced Authentication Scheme

Abstract: In this paper we study a scheme for making cryptanalysis and security improvement. This protocol by Song, is a password authentication protocol using smart card. We note that this protocol has been shown to be prone to the offline password guessing attack. We perform an additional cryptanalysis on this scheme and detect that it is vulnerable to the clogging attack, a type of denial-of-service attack. We notice that all smart card typed authentication schemes which lead the scheme by Song, and need the server to find the computationally exhaustive modular exponentiation, similar to the scheme by Xu et al., and it is vulnerable to the clogging attack. Then we propose an enhancement in the scheme to avoid the clogging attack.

Data tamper-proofing method and system

Abstract: The invention discloses a data tamper-proofing method comprising the following steps of after original data information is segmented before sending, hashing the segmented information by using a pre-stored hash function to acquire an original data information verification string; synchronously sending the original data and the original data information verification string when in sending, synchronously receiving the sent data information and original data information verification string when in receiving; after the data information and the original data information verification string are received, segmenting the received data information, and then hashing the segmented information by using the pre-stored hash function to acquire a received data information verification string; and judging whether the received data information verification string is accordant with the original data information verification string by comparison, if yes, determining that the received data information is not tampered, and otherwise, determining that the received data information is tampered. The invention also provides a data tamper-proofing system. According to the method and the system provided by the invention, the difficulty of tampering the data by a third party is greatly increased, a collision attack from the third party with the aid of a rainbow table is effectively prevented, data falsification of a user is prevented, and data transmission security is ensured.

Methods for securing an account-management application and apparatuses using the same

Abstract: The invention introduces a method for securing an account-management application, performed by a processing unit, which contains at least the following steps. An executable file of a first type, a first log-in password and a product serial-number are provided. A first encryption-and-hashing algorithm is executed to encrypt and hash the executable file of the first type and the first log-in password by using the product serial-number to generate first cipher-and-hashed data. A second encryption-and-hashing algorithm is executed to encrypt and hash the product serial-number by using the first log-in password to generate second cipher-and-hashed data. The first cipher-and-hashed data, the second cipher-and-hashed data and the product serial-number are stored in a storage device.

Design and Analysis of a New One-time Password Authentication Scheme

Abstract: Some usual one-time password authentication protocols are analyzed. A new one-time password authentication scheme is designed based on challenge/response authentication method, which provides client/server with mutual authentication and can reduce server's overhead. It also conquers usual challenge/response protocol weakness and can protect user's identity and avoid replay attack etc. Finally its security and efficiency character are analyzed in detail.

Faster Cryptanalytic Time-memory Trade-off Using Rainbow Table

Abstract: A cryptographic hash function is a function that takes an arbitrary-length data and returns a fixed-size digest. Hash functions are widely used in password authentication based on the one way property. Many websites or servers save user passwords using a hash function. Time-memory trade-off attack was presented by Martin Hellman in 1980. With limited storage and computing capacity, the attacker can get the passwords in an acceptable period of time. In 2003, Philippe Oechslin proposed a more efficient method by introducing a new table structure called rainbow table. Then, a number of improvements have been proposed based on rainbow table. In this paper, we propose a faster cryptanalytic time-memory trade-off using rainbow table based on probability statistics, which can greatly improve the searching efficiency with small losses of success rate. The searching time will be reduced 86.21% compared with the original algorithm when the success rate has a loss of 4.12%. The algorithm is a trade-off between efficiency and success rate.