Presentation is loading. Please wait.

Presentation is loading. Please wait.

A New Time-Memory-Resource Trade-Off Method for Password Recovery Communications and Intelligence Information Security (ICCIIS), 2010 International Conference.

Published byLily Whitehead Modified over 9 years ago

Similar presentations

Presentation on theme: "A New Time-Memory-Resource Trade-Off Method for Password Recovery Communications and Intelligence Information Security (ICCIIS), 2010 International Conference."— Presentation transcript:

1 A New Time-Memory-Resource Trade-Off Method for Password Recovery Communications and Intelligence Information Security (ICCIIS), 2010 International Conference Authors: Wei Zhang Coll. of Compute., Nanjing Univ. of Posts & Telecommun., Nanjing, China Mengyuan Zhang ; Yiyang Liu ; Ruchuan Wang 1

2 Password crack There are two common ways to crack the password if we know the encrypted password: Brute-force attack. Try every passwords until you find the right one. Time costs may be large. Lookup table. Create a list of passwords and their encrypted results, then search them. Crack Fast but need large storage. Time-memory tradeoff 2

3 Rainbow table method Reduce function : maps hashes to plaintexts. Hash chain 3

4 Rainbow table method 4

5 5 Example: Hash chain Give a hash “3626” 1.Can not find 3626 in h3 2.R2(3626) = 36 3.H(36) = 4202(match) 4.Look up the table and find the p1 is 25 5.H(25) = 2059 6.R(2059) = 59 7.H(59) = 3626  The plaintext is 59!!

6 The rainbow chain with multi- resources Dividing a large rainbow table into several small rainbow sub-tables. Server-Client mode – Step1: Initialize, ensure each client has corresponding rainbow tables; – Step2: Start crack password, generate crack task; – Step3: Collect the information of the clients including specialized resources; – Step4: According to the Step3 results, generate sub-tasks and dispatch to clients; – Step5: Coordinate the clients, broadcast cracked hash message to clients to cancel the cracked job; – Step6: Collect the results form the clients, close the clients’ connection, and end the whole crack task. 6

7 The rainbow chain with multi- resources 7

8 Result CPU: Pentium4 CPU 2.93GHz, Memory: 256MB, Hard Disk: 7200, Windows XP Professional SP2 8

9 Summary Large storage space and the requirement of cracking time is rainbow table’s bottleneck in single machine. Cracking resources extend the two dimensional ( space and time ) exchanging problems of original rainbow chain. 9

10 Reference M. E. Hellman, “A Cryptanalytic Time-Memory Trade-Off’, IEEE Transactions on Information Theory, Vol. IT-26, No.4, 1980,pp.401-406. http://en.wikipedia.org/wiki/Rainbow_table http://www.rainbowcrack.com 10

Download ppt "A New Time-Memory-Resource Trade-Off Method for Password Recovery Communications and Intelligence Information Security (ICCIIS), 2010 International Conference."

Similar presentations

Memory.

Memory.
Password Cracking With Rainbow Tables

Password Cracking With Rainbow Tables
Page Table Implementation

Page Table Implementation
Operating System.

Operating System.
Lesson 6. The Computer Operation Computer Operating Systems GUI vs. Command line The Microsoft Windows Family File Systems – How Computers Manage Data.

Lesson 6. The Computer Operation Computer Operating Systems GUI vs. Command line The Microsoft Windows Family File Systems – How Computers Manage Data.
CSC 774 Advanced Network Security

CSC 774 Advanced Network Security
Lee Jae-song 1.  How to cryptanalysis DES?  C = E K (P)  E is DES encryption funtion  K is a key, 56-bit.  P is a plaintext, C is a ciphertext, both.

Lee Jae-song 1.  How to cryptanalysis DES?  C = E K (P)  E is DES encryption funtion  K is a key, 56-bit.  P is a plaintext, C is a ciphertext, both.
CSC 774 Advanced Network Security

CSC 774 Advanced Network Security
Cryptanalysis on FPGA Based Hardware

Cryptanalysis on FPGA Based Hardware
Module 1: Installing Windows XP Professional

Module 1: Installing Windows XP Professional
A Dynamic Binary Hash Scheme for IPv6 Lookup Q. Sun 1, X. Huang 1, X. Zhou 1, and Y. Ma 1,2 1. School of Computer Science and Technology 2. Beijing Key.

A Dynamic Binary Hash Scheme for IPv6 Lookup Q. Sun 1, X. Huang 1, X. Zhou 1, and Y. Ma 1,2 1. School of Computer Science and Technology 2. Beijing Key.
IT Infrastructure: Software September 18, 2014. LEARNING GOALS Identify the different types of systems software. Explain the main functions of operating.

IT Infrastructure: Software September 18, LEARNING GOALS Identify the different types of systems software. Explain the main functions of operating.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 8: Troubleshooting Storage Devices and Display Devices.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 8: Troubleshooting Storage Devices and Display Devices.
Name Services Jessie Crane CPSC 550. History ARPAnet – experimental computer network (late 1960s) hosts.txt – a file that contained all the information.

Name Services Jessie Crane CPSC 550. History ARPAnet – experimental computer network (late 1960s) hosts.txt – a file that contained all the information.
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
11 INSTALLING WINDOWS XP Chapter 2. Chapter 2: Installing Windows XP2 INSTALLING WINDOWS XP  Prepare a computer for the installation of Microsoft Windows.

11 INSTALLING WINDOWS XP Chapter 2. Chapter 2: Installing Windows XP2 INSTALLING WINDOWS XP  Prepare a computer for the installation of Microsoft Windows.
Hellman’s TMTO 1 Hellman’s TMTO Attack. Hellman’s TMTO 2 Popcnt  Before we consider Hellman’s attack, consider simpler Time-Memory Trade-Off  “Population.

Hellman’s TMTO 1 Hellman’s TMTO Attack. Hellman’s TMTO 2 Popcnt  Before we consider Hellman’s attack, consider simpler Time-Memory Trade-Off  “Population.
Apr 4, 2003Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication.

Apr 4, 2003Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication.
What are Rainbow Tables? Passwords stored in computers are changed from their plain text form to an encrypted value. These values are called hashes, and.

What are Rainbow Tables? Passwords stored in computers are changed from their plain text form to an encrypted value. These values are called hashes, and.
1 SOFTWARE TECHNOLOGIES BUS3500 - Abdou Illia, Spring 2007 (Week 2, Thursday 1/18/2007)

1 SOFTWARE TECHNOLOGIES BUS Abdou Illia, Spring 2007 (Week 2, Thursday 1/18/2007)

Similar presentations

Ads by Google