Revision as of 03:30, 13 January 2006 by DavidConrad (edit summary: "Rewrote and revised for clarity and focus."). Previous revision: 22:19, 9 January 2006 by 84.227.193.124 (no edit summary).
A rainbow table is a special type of lookup table that is constructed by placing a plaintext password entry in a chain of keys and ciphertexts, generated by a one-way hash. The end result is a table that offers a statistically high chance of revealing a password within a short period of time, generally less than a minute. The probability of the table successfully cracking the password depends on the parameters used to generate it. These include the character set used, password length, chain length, and table count. Tables are specific to the hash function they were created for; e.g., MD5 tables can only crack MD5 hashes. The theory of this technique was pioneered by Philippe Oechslin as a fast form of time-memory tradeoff, which he implemented in the Windows password cracker Ophcrack. The more powerful RainbowCrack program was later developed; it can generate and use rainbow tables for a variety of character sets and hashing algorithms, including LM hash, MD5, SHA1, etc.
Defense against rainbow tables
A rainbow table is ineffective against one-way hashes that include salts. For example, consider a password hash that is generated using the following function (where "." is the concatenation operator):
hash = MD5(password . salt)
To recover the password, a password cracker would have to generate every possible salt for every possible password, so a rainbow table would not give any benefit. However, consider a password hash generated using the simpler, unsalted function:
hash = MD5(password)
In this case, a password cracker may benefit from a rainbow table.
Nearly all distributions and variations of Unix, Linux, and BSD use one-way hashes with salts, though many PHP web applications use just a hash (typically MD5) with no salt. The Windows NT/2000 family uses the LAN Manager and NT LAN Manager hashing methods, which are also unsalted, which makes them some of the more popularly generated tables.
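The following added example (not part of the original article, and not the code of Ophcrack or RainbowCrack) builds a toy rainbow table over a constructed keyspace of 3-digit PINs and shows that the same table that recovers an unsalted MD5(password) finds nothing for MD5(password . salt). The keyspace, chain length, reduction function and salt value are assumptions chosen for illustration.

```python
import hashlib

PWLEN, CHAIN_LEN = 3, 50          # constructed toy parameters
SPACE = 10 ** PWLEN               # keyspace: PINs "000".."999"

def md5(text: str) -> bytes:
    return hashlib.md5(text.encode()).digest()

def reduce_to_pin(digest: bytes, step: int) -> str:
    """Map a digest back into the keyspace; a different mapping per column."""
    return str((int.from_bytes(digest[:8], "big") + step) % SPACE).zfill(PWLEN)

def walk(pw: str, first: int, last: int) -> str:
    """Apply hash-then-reduce for columns first..last-1 of a chain."""
    for step in range(first, last):
        pw = reduce_to_pin(md5(pw), step)
    return pw

def build_table(starts):
    """Keep only chain end -> chain starts; the links in between are discarded."""
    table = {}
    for start in starts:
        table.setdefault(walk(start, 0, CHAIN_LEN), []).append(start)
    return table

def lookup(table, target: bytes):
    """Return a PIN whose MD5 equals target, or None if no chain covers it."""
    for pos in range(CHAIN_LEN - 1, -1, -1):
        # Guess that target sits in column pos, then walk to the chain end.
        end = walk(reduce_to_pin(target, pos), pos + 1, CHAIN_LEN)
        for cand in table.get(end, ()):
            # Replay the chain from its start; a matching end can be a false alarm.
            for step in range(CHAIN_LEN):
                if md5(cand) == target:
                    return cand
                cand = reduce_to_pin(md5(cand), step)
    return None

def demo():
    table = build_table(str(i).zfill(PWLEN) for i in range(0, SPACE, 4))
    pin = walk("000", 0, 10)      # a mid-chain PIN: covered, but not stored
    salt = "f3a9c1d2"             # constructed per-user salt
    unsalted = lookup(table, md5(pin))         # hash = MD5(password)
    salted = lookup(table, md5(pin + salt))    # hash = MD5(password . salt)
    return pin, unsalted, salted

if __name__ == "__main__":
    print(demo())
```

The salted digest never matches any link of any chain because every chain hashes only bare keyspace values, so covering it would require a separate table for each salt.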
External links
- Ophcrack page by Philippe Oechslin - The original rainbow table research with online demo
- Project RainbowCrack - Official site.
- RainbowCrack Tutorial - Tutorial on using Rainbow Tables.
- winrtgen - GUI for rtgen.
- Plain-Text Team - Largest Distributed Rainbow Table Cracking System (over 600gb of tables); free LM/NTLM/MD5 online cracking
- PassCracking.com - free MD5 online cracking (CLOSED)
- PassCracking.ru - free MD5 online cracking with large database
- milw0rm.com - free LM/MD5 online cracking
- rainbowtables.shmoo.com - Free LanMan rainbow tables.
- rainbowcrack.com - Community based distributed rainbow table generation