Presentation is loading. Please wait.

Presentation is loading. Please wait.

Password Cracking With Rainbow Tables Spencer Dawson.

Similar presentations


Presentation on theme: "Password Cracking With Rainbow Tables Spencer Dawson."— Presentation transcript:

1 Password Cracking With Rainbow Tables Spencer Dawson

2 Summary What are rainbow tables? – A time and memory tradeoff in password cracking. – A piecewise approach to one-way hashes What are the advantages/disadvantages – Best uses – Limitations How to use rainbow tables.

3 What are rainbow tables? A rainbow table is a lookup table offering a time-memory tradeoff used in recovering the plaintext password from a password hash generated by a hash function – Approach invented by Martin Hellman The concept behind rainbow tables is simple – Make one-way hash functions two way by making a list of outputs for all possible inputs up to a character limit

4 What are the limitations? Rainbow Tables are Large – A rainbow table set for windows NTHASH exactly 8 characters including only 0-10, a-z, A-Z, and the symbols !* is 134.6GB – 9+ character rainbow tables can take up terabytes of space. – Generating rainbow tables requires more time than a brute force attack Always worst case time complexity. – Requires access to the password hash – Salting passwords can make the approach unfeasable

5 Hash Table Advantages Rainbow Tables are built once, and used many times Fast – Password lookups become a table search problem – The brute force work is pre-computed Perfect for cracking weak hashes – Windows LM hashes of 14 characters or less can be cracked with trivial effort – Any non salting password hash can be cracked easily

6 Examples Rainbow table cracking online –

7 QUESTIONS?


Download ppt "Password Cracking With Rainbow Tables Spencer Dawson."

Similar presentations


Ads by Google