>> The rainbow table is a trade-off, using less processing and more storagethan a brute force attack, but more processing and less storage than a dictionary attack.A rainbow table involves an algorithm called a "reduction function" that maps hashesinto something that could be an actual plain text password.This does not mean we're reversing the hash.That can't be done.The rainbow table is just alternating hashing and reducing to produce a chainof alternating hashes and plain texts.For example, we could take plain text Jonathan and hash it into 123456.Then we could run 123456 through a reduction function and get "Scott."Then we could run "Scott" through the hashing algorithmand get ABCDEF and reduce that to "Weissman."Generating a rainbow table with a tool called "rtgen," for instance,involves computing a number of chains with a specific chain lengthand storing the first and last entries of each chain.Thus, instead of storing 10,000 plain text values or hashes,which at most can crack 10,000 passwords, now storing just the starting and ending pointof 5,000 chains, the same number of 10,000 entries, a rainbow table can crack any amountof passwords, 100,000, 1 million, 1 billion, or more.How can it do this?See you in the next video.
转载于:https://www.cnblogs.com/sec875/articles/10015921.html
相关资源:JAVA上百实例源码以及开源项目