Abstract
The rainbow tradeoff is an algorithm for inverting one-way functions that is widely used in practice to recover passwords from unsalted password hashes. An auxiliary technique referred to as checkpoints can be applied to the rainbow tradeoff to reduce the time taken for these inversions. Working out a rigorous theory that can explain and predict the effects of this technique involves delicate manipulations of the random function and is thus a challenging task. In this work, we compare three existing theoretical analyses of the checkpoint technique. We first demonstrate that the claims made by the three works are incompatible with each other. We then carry out experiments designed to highlight these incompatibilities, obtaining experimental evidences that show just one of the three analyses to be correct. Finally, we discuss the obscure theoretical errors made by the two inadequate analyses.
Highlights
Time memory tradeoff [1] is a technique for inverting one-way functions and the rainbow tradeoff [2] is the most widely used such algorithm
Since both AJO08 and WL13 provided experimental data to support their respective theoretical claims, the reader may be under the impression that either the experiments of AJO08 and WL13 were invalid or that the experiments given in the current paper has to be invalid
We examined the theoretical analyses presented by AJO08 [3, 4], H10 [5], and WL13 [6] concerning the application of the checkpoint technique to the perfect table rainbow tradeoff
Summary
Time memory tradeoff [1] is a technique for inverting one-way functions and the rainbow tradeoff [2] is the most widely used such algorithm. After a long absence of improvements to the core algorithm, the rainbow table method [2] was announced, with the claim of it being advantageous over the DP method by a factor of at least two This was soon followed by the auxiliary technique of checkpoints [3, 4], which allowed for some of the negative effects of false alarms on the online time to be reduced. Some details concerning the performance of rainbow tradeoff for the special case of maximal perfect tables were given by [3, 4], and much more details concerning the classical Hellman, perfect rainbow, and non-perfect rainbow tradeoffs appeared in [5] These works [3,4,5] discussed the algorithm performances under the deployment of checkpoints. N þ 2 ln 1 À 2N : In terms of the notation used in the current paper, the above can be expressed as PrNHFA ðiÞ mðt À iÞ 2N
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
