Presentation is loading. Please wait.

Presentation is loading. Please wait.

Password Cracking With Rainbow Tables

Similar presentations

Presentation on theme: "Password Cracking With Rainbow Tables"— Presentation transcript:

1 Password Cracking With Rainbow Tables
Spencer Dawson

2 Summary What are rainbow tables? What are the advantages/disadvantages
A time and memory tradeoff in password cracking. A piecewise approach to one-way hashes What are the advantages/disadvantages Best uses Limitations How to use rainbow tables.

3 What are rainbow tables?
A rainbow table is a lookup table offering a time-memory tradeoff used in recovering the plaintext password from a password hash generated by a hash function Approach invented by Martin Hellman The concept behind rainbow tables is simple Make one-way hash functions two way by making a list of outputs for all possible inputs up to a character limit

4 What are the limitations?
Rainbow Tables are Large A rainbow table set for windows NTHASH exactly 8 characters including only 0-10, a-z, A-Z, and the symbols !* is 134.6GB 9+ character rainbow tables can take up terabytes of space. Generating rainbow tables requires more time than a brute force attack Always “worst case” time complexity. Requires access to the password hash Salting passwords can make the approach unfeasable

5 Hash Table Advantages Rainbow Tables are built once, and used many times Fast Password lookups become a table search problem The brute force work is pre-computed Perfect for cracking weak hashes Windows LM hashes of 14 characters or less can be cracked with trivial effort Any non salting password hash can be cracked easily

6 Examples Rainbow table cracking online


Download ppt "Password Cracking With Rainbow Tables"

Similar presentations

Ads by Google