Password cracking using rainbow tables

We have just installed a new copy of our Windows, spending hours to update it with that pile of patches commonly known as Windows Update, choose a strong alphanumeric password to yield Morpheus, confident that our system is inviolable.

Surely many will recognize in this example, we follow spending hours and hours to install, configure and upgrade a system. In our work we diligently protect the password of ten or more characters that we remember with difficulty because, aware of how quickly crack a password policy, which we have chosen a difficult string

 



 3N1rvAn%% @! -

 

Good work, merit a proper rest, and yet this system suffers from a weakness that makes them prone to a fast password cracker.

In this article we will discuss the password cracking using rainbow tables, a technique that speeds up the cracking of credentials of certain systems of different orders of magnitude, giving its peculiarities and limitations.

Password and Hash

First of all, let us reflect for a moment on how to store your passwords are generally: of course it is desirable that this sensitive information are kept in a clear, therefore, typically prefer to use hashing algorithms that encode the password using our non-reversible mathematical functions. For those ignorant of mathematical analysis, it is recalled that a function is not invertible is an association between two objects that you can not get through the starting point, the only result, reported in our case means that you can not get the password only possessing hash value generated by the algorithm (called a hash).

Although many people think the opposite, a hash is far from unique and, on the contrary, there are infinitely many values ​​that produce the same hash, but in a good hashing algorithm the probability that they are two strings that produce the same hash is minimal, infinitesimal value, correctly (in a statistical sense) approximated to zero. This means that finding a string that is encoded in the same hash is encoded in our password is absolutely unlikely.

When we type our password hash is recalculated, using the same algorithm, and this is not the password value to be compared. Thus we can safely maintain our hash file, make sure that the hundreds of trillions of possible combinations our password is inviolable. Obviously, an attack that seeks to exhaust all possibilities (called "key space") will undoubtedly find a string that can produce the same hash, but we, from the above, our assurance is that the combinations are in sufficient number to not allow this in a reasonable time.

Rainbow Tables

We introduce the rainbow tables, the idea was conceived in the eighties by the American mathematician Martin Hellman, but had its full extent through the subsequent studies by Philippe Oechslin.

At the base there is a rather simple and intuitive consideration, "because every time all the possible calcorare up to obtain a hash that matches the password you are looking for?" If I had prematurely calculated and stored every possible combination in a kind of telephone book of the algorithm, we could in a more flexible search the archive and find the right hash. In fact, the cost of a password cracking is mainly a function of calculating the hash, which include complex mathematical algorithms to be produced, compared to the latter, the string comparison to determine if the hash (the research phase) is correct is a negligible cost of time.

• <<
• 1
• 2
• 3
• >>