Questions tagged [rainbow-table]

52 questions
256 votes, 8 answers

Why are salted hashes more secure for password storage?

I know there are many discussions on salted hashes, and I understand that the purpose is to make it impossible to build a rainbow table of all possible hashes (generally up to 7 characters). My understanding is that the random salted values are…
Tsyras
165 votes, 3 answers

What are rainbow tables and how are they used?

Where can I find one? Is there a pot of gold at the end? How do I protect against them? From the Area51 proposal This question was IT Security Question of the Week. Read the Sep 09, 2011 blog entry for more details or submit your own Question of…
AviD
42 votes, 6 answers

Length of passwords that are rainbow table safe

With large computing power (like what you can get in the Amazon cloud for example) you can generate huge rainbow tables for passwords. There also seems to be some large rainbow tables reachable that you have to pay for. What are the largest tables…
rubo77
32 votes, 12 answers

Could I recover the content of file from its checksum/hash?

Let's say I have a video file that is split into multiple parts. Each piece is 2 Megabytes. I also have a list of the *insert hash name here* for each piece and also for the full file. Now assume that I have misplaced/lost/fubar one of these…
beppe9000
13 votes, 1 answer

Naive implementation of Rainbow Table and/or Hellman's trade-off

This question is the same one I asked here. Since I haven't got any response or even a comment I will post it here as well. Is there any naive implementation of Hellman's cryptanalytic time memory tradeoff in C and/or a naive implementation of…
13 votes, 3 answers

How does a 'rainbow table' hacker obtain password hashes in the first place?

I don't understand this part of the Rainbow table attack. In all my Google searches, it says that a hacker uses a rainbow table on password hashes. But how does the hacker obtain the password hashes in the first place? I have rephrased this question…
user1034912
10 votes, 1 answer

What is the difference between a hash table and a rainbow table, and how are they both used?

Is there much of a difference between the two tables? Can you get one from the other? (i.e. hash -> rainbow) How do they work? Are there different variables (in reference to speed, strength, resources, size, etc) that other things depend on? An in…
WMPR
9 votes, 2 answers

Does Rainbow Table Not Require Decompression?

I understand that a rainbow table solves the storage problem when one attacks a password using precomputed hashes. However, since rainbow tables are essentially a compressed version of the hashes--don't they have to be decompressed before comparing…
Minaj
8 votes, 1 answer

Rainbow tables/hash tables versus WPA/WPA2

In Wi-Fi penetration testing, is it possible to use rainbow tables/hash tables on WPA/WPA2 networks? Is there an advantage of one over the other? Where would one get said tables or can they be…
WMPR
7 votes, 4 answers

Is there a way to check lists of cracked passwords without revealing my password?

I want to check if my various passwords are in lists of cracked passwords, but I don't want to type the passwords online. For example, I'd rather scroll through an ordered list of passwords that have been merged from all rainbow tables and other…
Jeff
6 votes, 1 answer

WPA/WPA2 attacks

How does someone attack a WPA/WPA2 wireless network? I have read on the two main approaches: dictionary and rainbow tables. How do you use rainbow tables in conjunction with your tool of choice? I went over to Free Rainbow tables…
leni1
6 votes, 2 answers

How do rainbow tables solve collisions?

I get the gist of it. It's like a middle ground between brute force attack and lookup table, it stores the starting plaintext and ending hash for each chain where a chain is made by reduction and hash. What I don't get is: It's said that rainbow…
User104163
5 votes, 3 answers

Time Memory Trade-Off Attacks

Given, we want to crack a password. With Time Memory Trade-Off Attacks one tries to find the right balance between time to compute hashes for all possible passwords. And the used memory to store all password hash tuples, where a lookup would be…
Angelo.Hannes
5 votes, 2 answers

Are stronger passwords safe in case of a breach?

Passwords are not generally held by websites, instead, they hold hashes of your passwords. When there's a breach, these hashes are stolen and they are matched against rainbow tables of pre generated password hashes. Is it fair to say that if your…
Adrian
5 votes, 5 answers

Why can salts be public?

From what I understand, salts are called "salts" rather than "keys" because they are allowed to be public. I understand that applying a random salt makes it difficult for rainbow table attacks because the hashed and salted password will be different…