Password attacks are the classic way for an attacker to gain access to a computer system: determine a user's password and log in with it. Password cracking is the process of recovering a password from data that a computer system has stored or transmitted, obtained for example over the network or through malware. Most users assume that passwords are compromised by an attacker trying every possible combination of letters, numbers and symbols, a brute-force attack. Although an attacker can type many variations of a password at a login prompt, in practice this is not feasible. Even with the processing power of today's computers it is a very slow method of attack, and most operating systems and online services can be configured to lock an account for a period of time after a limited number of incorrect attempts, blocking any further login.
Although brute force was once the primary method used to crack passwords, attackers have more recently turned to rainbow tables. A rainbow table is a precomputed table for reversing cryptographic hash functions, usually used to crack tables of password hashes. It recovers plaintext passwords up to a certain length drawn from a limited set of characters and numbers.
A rainbow table is a compressed representation of a set of cleartext passwords that are related to each other and organized in sequences called chains. Each chain starts with an initial password, which is hashed; the hash is then fed into a reduction function that produces a different cleartext password, and this hash-then-reduce step is repeated for a fixed number of rounds. Only the initial password and the final password of each chain are stored. To crack a hash, the attacker runs the target hash through the same reduce-and-hash procedure used to build the table until the result matches a stored chain endpoint, which identifies the initial password of that chain. The chain is then regenerated from that initial password until the original digest is produced; the password hashed in that last step is the cracked password.
A plain hash lookup table is constructed by hashing each word in a password dictionary and storing the password-hash pairs in a table sorted by hash value. A cryptographic hash function is one-way: the plaintext cannot be computed back from its digest, which is why the pairs have to be precomputed. To use the table, take the hash to be cracked and perform a binary search for it; if it is present, the matching entry gives the original password. The hash function used to build a set of rainbow tables (or a lookup table) must be the same function that produced the password hash the attacker wants to recover.
There are two steps in using a rainbow table: first the table is generated, and then it can be used to crack passwords. This makes the attacker's job easier by providing a large, pre-generated set of candidate digests. A rainbow table is a space-versus-time trade-off: it spends less processing time at cracking time in exchange for more storage. A brute-force attack, by contrast, recomputes the hash function on every attempt (more processing time, almost no storage), while a simple lookup table with one entry per hash needs even less time but far more storage than a rainbow table. Using a key derivation function that employs a salt makes this attack method infeasible. Generating a rainbow table takes a significant amount of time, but once it exists it has significant advantages over other password attack methods: the same table can be reused against other passwords hashed with the same function, at a much faster rate than a dictionary attack, and the memory needed on the attacking machine is greatly reduced compared with a full lookup table.
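The chain construction, the endpoint lookup and the comparison with a plain hash table described above, as an added worked example (this is illustration code written for this page, not a tool or code from the original text). Every parameter is a hypothetical toy choice: 4-character lowercase passwords, unsalted MD5, 200 chains of 40 rounds, and a reduction function that simply folds the digest into the password space with the column index mixed in. Real tables use much larger password spaces and chain lengths, but the mechanics are the same.

```python
import hashlib
from typing import Dict, Iterable, List, Optional

# Hypothetical toy parameters, chosen so the whole run takes well under a second.
ALPHABET = "abcdefghijklmnopqrstuvwxyz"
PW_LEN = 4
SPACE = len(ALPHABET) ** PW_LEN   # 456976 candidate passwords
CHAIN_LEN = 40                    # hash-then-reduce rounds per chain
NUM_CHAINS = 200


def h(password: str) -> str:
    """The hash the table targets: it must match the function that produced the leaked digest."""
    return hashlib.md5(password.encode()).hexdigest()


def index_to_password(n: int) -> str:
    """Map an integer in [0, SPACE) to a candidate password."""
    chars = []
    for _ in range(PW_LEN):
        chars.append(ALPHABET[n % len(ALPHABET)])
        n //= len(ALPHABET)
    return "".join(chars)


def reduce_(digest: str, column: int) -> str:
    """Reduction function R_column: a digest -> some candidate password.
    Mixing in the column index is what makes the table 'rainbow': two chains
    only merge if they collide in the same column."""
    return index_to_password((int(digest, 16) + column) % SPACE)


def chain_links(start: str) -> List[str]:
    """The passwords p0..p_{L-1} that a chain hashes: p_{i+1} = R_i(h(p_i))."""
    links, p = [], start
    for column in range(CHAIN_LEN):
        links.append(p)
        p = reduce_(h(p), column)
    return links


def build_rainbow_table(starts: Iterable[str]) -> Dict[str, str]:
    """Step 1: precompute. Store only (endpoint p_L -> start p0) for each chain."""
    table: Dict[str, str] = {}
    for start in starts:
        p = start
        for column in range(CHAIN_LEN):
            p = reduce_(h(p), column)
        table.setdefault(p, start)   # first chain to reach an endpoint keeps it
    return table


def rainbow_lookup(table: Dict[str, str], target: str) -> Optional[str]:
    """Step 2: crack. Guess that target = h(p_k) for each column k, finish the chain
    from there, and if the endpoint is stored regenerate that chain from its start
    until a link hashes to target (no match means a false alarm; keep going)."""
    for k in range(CHAIN_LEN - 1, -1, -1):
        p = reduce_(target, k)
        for column in range(k + 1, CHAIN_LEN):
            p = reduce_(h(p), column)
        start = table.get(p)
        if start is None:
            continue
        for link in chain_links(start):
            if h(link) == target:
                return link
    return None


def build_hash_table(candidates: Iterable[str]) -> Dict[str, str]:
    """Plain lookup table: one (digest -> password) entry per candidate; a dict
    keyed by digest stands in for the sorted array plus binary search."""
    return {h(p): p for p in candidates}


def demo() -> dict:
    starts = [index_to_password(i) for i in range(NUM_CHAINS)]
    rainbow = build_rainbow_table(starts)
    victim_pw = chain_links(starts[0])[7]      # a password the table happens to cover
    leaked = h(victim_pw)                      # what the attacker obtained from the dump
    covered = {p for s in starts for p in chain_links(s)}
    plain = build_hash_table(covered)          # same coverage, one entry per password
    return {
        "victim": victim_pw,
        "rainbow_recovered": rainbow_lookup(rainbow, leaked),
        "hash_table_recovered": plain.get(leaked),
        "rainbow_entries": len(rainbow),
        "hash_table_entries": len(plain),
    }


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the trade-off in numbers: both tables recover the victim's password, but the rainbow table stores at most 200 endpoint entries while the plain hash table needs one entry for each of the roughly 8000 passwords it covers; the price is the extra hashing in `rainbow_lookup`, which regenerates chain segments on every query. Note that `rainbow_lookup` only ever returns a password whose hash equals the target, so a miss is `None`, never a wrong answer, and that a table built for MD5 is useless against digests produced by any other function.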
To strengthen hashed passwords and defend against rainbow tables, a salt can be added as an extra layer of protection. A salt is random data used as an additional input to the one-way function that hashes the password. Its primary purpose is to defeat dictionary attacks and precomputed rainbow tables: because a new salt is randomly generated for each password, the same password produces different digests for different users, and a precomputed table would have to be built separately for every possible salt. The salt is concatenated with the password and processed with the hash function, and the resulting digest is stored in the database together with the salt.
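Salted storage and verification as an added worked example (illustration code for this page, not taken from the original text). It assumes PBKDF2-HMAC-SHA256 with a 16-byte random salt and a record format of our own, `pbkdf2_sha256$<iterations>$<salt hex>$<digest hex>`, so that the salt and parameters are stored next to the digest as the paragraph describes. The comparison function uses a constructed three-word wordlist and two users who chose the same password to show why a single precomputed table stops working once every password has its own salt.

```python
import hashlib
import hmac
import os
from typing import Optional

# Hypothetical choices: PBKDF2-HMAC-SHA256, a 16-byte random salt, and our own
# record format "pbkdf2_sha256$<iterations>$<salt hex>$<digest hex>" so the salt
# and parameters travel with the digest.
ITERATIONS = 600_000
SALT_BYTES = 16


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Generate a fresh random salt per password (unless one is supplied), derive the
    digest, and return the record to store. The salt is not secret; it only has to be unique."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Re-derive with the stored salt and iteration count, then compare in constant time."""
    scheme, iterations, salt_hex, digest_hex = record.split("$")
    if scheme != "pbkdf2_sha256":
        raise ValueError("unsupported record format")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def table_attack_comparison(iterations: int = ITERATIONS) -> dict:
    """Why salting defeats precomputation. Constructed wordlist and two users who chose
    the same password. An unsalted MD5 table cracks the leaked digest instantly; a table
    precomputed under user A's salt cracks A but says nothing about B, and every further
    table costs a full KDF pass over the wordlist."""
    wordlist = ["123456", "password1", "letmein"]            # constructed sample wordlist
    md5_table = {hashlib.md5(w.encode()).hexdigest(): w for w in wordlist}
    leaked_md5 = hashlib.md5(b"password1").hexdigest()      # unsalted storage, for contrast

    salt_a = os.urandom(SALT_BYTES)
    record_a = hash_password("password1", salt_a, iterations)
    record_b = hash_password("password1", None, iterations)  # same password, its own salt
    table_for_a = {hashlib.pbkdf2_hmac("sha256", w.encode(), salt_a, iterations).hex(): w
                   for w in wordlist}
    return {
        "unsalted_hit": md5_table.get(leaked_md5),
        "records_differ": record_a != record_b,
        "hit_user_a": table_for_a.get(record_a.split("$")[3]),
        "hit_user_b": table_for_a.get(record_b.split("$")[3]),
    }


if __name__ == "__main__":
    print(table_attack_comparison())
```

`table_attack_comparison()` returns `"password1"` for the unsalted leak and for user A, whose salt the attacker used to build the table, and `None` for user B even though B chose the same password. The iteration count is what turns "one table per salt" from an inconvenience into an infeasible cost: each table now requires a slow derivation per candidate word, which is the point of combining a salt with a key derivation function rather than a bare hash.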