Analysis of the use of Rainbow Tables to break hash

Horálek, Josef; Holík, Filip; Horák, Oldřich; Petr, Lukáš; Soběslav, Vladimír

doi:10.3233/jifs-169147

Cited by 13 publications

(7 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Salts defend against a pre-computed hash attack, e.g., rainbow tables [ 120 ]. Since salts do not have to be memorized by humans, they can make the size of the hash table required for a successful attack prohibitively large without placing a burden on the users.…”

Section: Applicationsmentioning

confidence: 99%

Entropy Sources Based on Silicon Chips: True Random Number Generator and Physical Unclonable Function

Cao

Liu

Lan

et al. 2022

Entropy

View full text Add to dashboard Cite

Entropy is a measure of uncertainty or randomness. It is the foundation for almost all cryptographic systems. True random number generators (TRNGs) and physical unclonable functions (PUFs) are the silicon primitives to respectively harvest dynamic and static entropy to generate random bit streams. In this survey paper, we present a systematic and comprehensive review of different state-of-the-art methods to harvest entropy from silicon-based devices, including the implementations, applications, and the security of the designs. Furthermore, we conclude the trends of the entropy source design to point out the current spots of entropy harvesting.

show abstract

Section: Applicationsmentioning

confidence: 99%

Entropy Sources Based on Silicon Chips: True Random Number Generator and Physical Unclonable Function

Cao

Liu

Lan

et al. 2022

Entropy

View full text Add to dashboard Cite

show abstract

“…This has to be done in agreement with the attribute authority. We assume that for private attributes the rainbow attack [ 42 ] is hard. To create a secret key of client

for an attribute

, it has to contact the relevant attribute authority and after proving its identity, a secret key

(or

in case that the attribute authority follows a privacy preserving approach) will be generated by the attribute authority

as in ( 1 ).…”

Section: Model Descriptionmentioning

confidence: 99%

Attred: Attribute Based Resource Discovery for IoT

Kamel

Yan

Ligeti

et al. 2021

Sensors

View full text Add to dashboard Cite

While the number of devices connected together as the Internet of Things (IoT) is growing, the demand for an efficient and secure model of resource discovery in IoT is increasing. An efficient resource discovery model distributes the registration and discovery workload among many nodes and allow the resources to be discovered based on their attributes. In most cases this discovery ability should be restricted to a number of clients based on their attributes, otherwise, any client in the system can discover any registered resource. In a binary discovery policy, any client with the shared secret key can discover and decrypt the address data of a registered resource regardless of the attributes of the client. In this paper we propose Attred, a decentralized resource discovery model using the Region-based Distributed Hash Table (RDHT) that allows secure and location-aware discovery of the resources in IoT network. Using Attribute Based Encryption (ABE) and based on predefined discovery policies by the resources, Attred allows clients only by their inherent attributes, to discover the resources in the network. Attred distributes the workload of key generations and resource registration and reduces the risk of central authority management. In addition, some of the heavy computations in our proposed model can be securely distributed using secret sharing that allows a more efficient resource registration, without affecting the required security properties. The performance analysis results showed that the distributed computation can significantly reduce the computation cost while maintaining the functionality. The performance and security analysis results also showed that our model can efficiently provide the required security properties of discovery correctness, soundness, resource privacy and client privacy.

show abstract

“…The success rates of the rainbow tables for A5/1 are improved in [12]. Rainbow tables are commonly used to invert hash functions and crack passwords [13][14][15][16][17]. Even though rainbow tables are ubiquitously used in the real world applications, Biryukov et al show that Hellman tables are superior to rainbow tables in multiple data scenario [31].…”

Section: Hellman and Rainbow Tablesmentioning

confidence: 99%

“…The tradeoff attacks can be quite effective against some real world cryptographic primitives. The tradeoff tables can be used in practical applications to break real life ciphers such as A5/1 for the GSM encryption [10][11][12] or to crack passwords by finding preimages to hash functions [13][14][15][16][17]. In this chapter, we introduce briefly how to use tradeoff tables to invert small sized one-way functions.…”

Section: Introductionmentioning

confidence: 99%

Tradeoff Attacks on Symmetric Ciphers

Kara¹

2021

Cryptography - Recent Advances and Future Developments

View full text Add to dashboard Cite

Tradeoff attacks on symmetric ciphers can be considered as the generalization of the exhaustive search. Their main objective is reducing the time complexity by exploiting the memory after preparing very large tables at a cost of exhaustively searching all the space during the precomputation phase. It is possible to utilize data (plaintext/ciphertext pairs) in some cases like the internal state recovery attacks for stream ciphers to speed up further both online and offline phases. However, how to take advantage of data in a tradeoff attack against block ciphers for single key recovery cases is still unknown. We briefly assess the state of art of tradeoff attacks on symmetric ciphers, introduce some open problems and discuss the security criterion on state sizes. We discuss the strict lower bound for the internal state size of keystream generators and propose more practical and fair bound along with our reasoning. The adoption of our new criterion can break a fresh ground in boosting the security analysis of small keystream generators and in designing ultra-lightweight stream ciphers with short internal states for their usage in specially low source devices such as IoT devices, wireless sensors or RFID tags.

show abstract

Analysis of the use of Rainbow Tables to break hash

Cited by 13 publications

References 13 publications

Entropy Sources Based on Silicon Chips: True Random Number Generator and Physical Unclonable Function

Entropy Sources Based on Silicon Chips: True Random Number Generator and Physical Unclonable Function

Attred: Attribute Based Resource Discovery for IoT

Tradeoff Attacks on Symmetric Ciphers

Contact Info

Product

Resources

About