Question

Password hashes can be reversed using Rainbow Tables. Suppose a file (English text) is encrypted using a password, using the following scheme: The password is hashed, and the hash is used to encrypt the file via AES. The cipher is stores, the password and the hash are thrown away. Explain: 1. Dictionary attacks can be used to recover the password(how?) 2. Rainbow tables are not usable – why? 3. Rainbow tables can be used, if the file has a known standard header(how?)

Answer 1

Answers:

1. As from the name itself we can see that this attack is done with the help of a dictionary, Hence, the name dictionary attack is given. Dictionary Attack is usually
quite fast. Small delays are possible only if the dictionary is very large. However, the password can be recovered only in case it is present in the dictionary.
The probability that this assumption is true is not, in fact, high. Hence, dictionary attacks can be used to recover passwords.

2. Rainbow Tables: Rainbow tables are the tables which are used for precomputed hash functions especially for cracked passwords. Tables are usually used in recovering a
plaintext password up to a certain length consisting of a limited set of characters. Hence, rainbow tables have a limited usage.

3.Rainbow table consists of lots of rainbow chains. The size of each rainbow chain is 16 bytes, so the size of the table above with 3 rainbow chains will be 48 bytes.
Each rainbow chain consists of an 8 byte start point and an 8 byte end point .

Both the start point and the end point are 64-bit unsigned integer in little endian, representing a plaintext.
To support this level of flexibility, a simple 32 bytes file header is used in .rtc rainbow table.