In: Computer Science
Password hashes can be reversed using Rainbow Tables. Suppose a file (English text) is encrypted using a password, using the following scheme: The password is hashed, and the hash is used to encrypt the file via AES. The cipher is stores, the password and the hash are thrown away. Explain: 1. Dictionary attacks can be used to recover the password(how?) 2. Rainbow tables are not usable – why? 3. Rainbow tables can be used, if the file has a known standard header(how?)
Answers:
1. As from the name itself we can see that this attack
is done with the help of a dictionary, Hence, the name dictionary
attack is given. Dictionary Attack is usually
quite fast. Small delays are possible only if the dictionary is
very large. However, the password can be recovered only in case it
is present in the dictionary.
The probability that this assumption is true is not, in fact, high.
Hence, dictionary attacks can be used to recover
passwords.
2. Rainbow Tables: Rainbow tables are the tables which
are used for precomputed hash functions especially for cracked
passwords. Tables are usually used in recovering a
plaintext password up to a certain length consisting of a limited
set of characters. Hence, rainbow tables have a limited
usage.
3.Rainbow table consists of lots of rainbow chains. The
size of each rainbow chain is 16 bytes, so the size of the table
above with 3 rainbow chains will be 48 bytes.
Each rainbow chain consists of an 8 byte start point and an 8 byte
end point .
Both the start point and the end point are 64-bit
unsigned integer in little endian, representing a plaintext.
To support this level of flexibility, a simple 32 bytes file header
is used in .rtc rainbow table.