| Rainbow Tables |
Article Index for Rainbow |
Website Links For Rainbow |
Information AboutRainbow Tables |
| CATEGORIES ABOUT RAINBOW TABLE | |
| cryptographic attacks | |
| search algorithms | |
| data structures | |
|
A rainbow table is a Lookup Table offering a Time-memory Tradeoff used in recovering the Plaintext Password from a password hash generated by a Hash Function , often a Cryptographic Hash Function . A common application is to make attacks against hashed passwords feasible. Salt is often employed with hashed passwords to avoid this attack. HISTORY Rainbow tables are a refinement of an earlier, simpler, but less efficient algorithm that used the inversion of hashes by looking up precomputed hash chains. Each table depends on the hash function and the ''reduce function'' used. The ''reduce function'' is a Surjective ("onto") function which maps a hash to a password using the desired character set and password length. Therefore, a ''reduce function'' for lowercase alphanumeric passwords of 8 characters length is different from a ''reduce function'' for case-sensitive alphanumeric passwords of 5–16 characters length. A chain is a sequence of passwords. A starting password is chosen, and the following is done to get the next one in the chain: reduce After a chain containing a suitable number of passwords is created, the final password in the chain is hashed, and the final hash and the starting password are stored together in the rainbow table. To reverse a hash, look for it in the table. If it isn't found, the following is done to get another hash to try: hash This is repeated until a hash is finally found in the table. When a match is found, the original password that started the chain that ended with that hash can then be used to generate all the other passwords, and hence hashes, in the chain. Each of the hashes thus generated will be checked against the original target hash, thus hopefully revealing the correct password. The end result is a table that contains statistically high chance of revealing a password within a short period of time, generally less than a minute. The success probability of the table depends on the parameters used to generate it. These include the character set used, password length, chain length, and table count. Success probability is defined as the probability that the plaintext can be found for a given ciphertext. In the case of passwords, the password is the plaintext, and the hash of the password is the ciphertext, so the success probability is the probability that the original password can be recovered from the password hash. RAINBOW TABLES Rainbow tables use a refined algorithm with a different reduction function for each "link" in a chain, so that when there is a hash collision in two or more chains the chains will not merge so long as collision doesn't occur at the same position in each chain. As well as increasing the probability of a correct crack for a given table size, this use of multiple reduction functions approximately doubles the speed of lookups. See the paper cited below for details. Rainbow tables are specific to the hash function they were created for e.g., Password Cracker Ophcrack . The more powerful RainbowCrack program was later developed that can generate and use rainbow tables for a variety of character sets and hashing algorithms, including LM Hash , MD5 , SHA1 , etc. Example We have a hash (''re3xes'') and we want to find the password that produced that hash. DEFENSE AGAINST RAINBOW TABLES A rainbow table is ineffective against one-way hashes that include Salts . For example, consider a password hash that is generated using the following function (where "." is the Concatenation operator): hash = MD5 (password . salt) Salt effectively extends the length and potentially the complexity of the password. If the rainbow tables do not have passwords matching the length (e.g. 8 bytes in the password, and 2 bytes of salt, is now effectively a 10 byte password) and complexity (non-alphanumeric salt increases the complexity of strictly alphanumeric passwords) of the salted password, then the password will not be found. If found, one will have to remove the salt from the password before it could be used. Also, Rainbow tables tend to have little or no success when extrapolating outside the range of symbols or password length computed into the table. So, choosing a password that is longer or contains symbols not accounted for inside a Rainbow table can be very effective. Because of the sizable investment in computing processing, Rainbow tables beyond 8 places in length are not yet common. However, certain intensive efforts focused on LM Hash , an older hash algorithm used by Microsoft, exist in the public domain; for example, the rainbow table available from the Shmoo Group. COMMON USES Nearly all distributions and variations of Unix , Linux , and BSD use hashes with salts, though many applications use just a hash (typically MD5 ) with no salt. The Windows NT/2000 family uses the LAN Manager and NT LAN Manager hashing method and is also unsalted, which make it one of the more popularly generated tables. SEE ALSO REFERENCES
EXTERNAL LINKS
|
|
|