Decryption of Frequent Password Hashes in Rainbow Tables

Abstract

Time-memory trade-off methods provide means to invert one way functions. Such attacks offer a flexible trade-off between running time and memory cost in accordance to users' computational resources. In particular, they can be applied to hash values of passwords in order to recover the plaintext. They were introduced by Martin Hellman and later improved by Philippe Oechslin with the introduction of rainbow tables. The drawbacks of rainbow tables are that they do not always guarantee a successful inversion. We address this issue in this paper. In the context of passwords, it is pertinent that frequently used passwords are incorporated in the rainbow table. It has been known that up to 4 given passwords can be incorporated into a chain but it is an open problem if more than 4 passwords can be achieved. We solve this problem by showing that it is possible to incorporate more of such passwords along a chain. Furthermore, we prove that this results in faster recovery of such passwords during the online running phase as opposed to assigning them at the beginning of the chains. For large chain lengths, the average improvement translates to 3 times the speed increase during the online recovery time.

DOI: 10.1109/CANDAR.2016.0117

5 Figures and Tables

Cite this paper

@article{Ying2016DecryptionOF, title={Decryption of Frequent Password Hashes in Rainbow Tables}, author={Hwei-Ming Ying and Noboru Kunihiro}, journal={2016 Fourth International Symposium on Computing and Networking (CANDAR)}, year={2016}, pages={655-661} }