PrepAway - Latest Free Exam Questions & Answers

Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select two.)

A.
Rainbow table attacks greatly reduce compute cycles at attack time.

B.
Rainbow tables must include precomputed hashes.

C.
Rainbow table attacks do not require access to hashed passwords.

D.
Rainbow table attacks must be performed on the network.

E.
Rainbow table attacks bypass maximum failed login restrictions.

5 Comments on “Which of the following characteristics differentiate a …

    1. George says:

      B & E.

      IIRC:

      Rainbow tables run off a list of precomputed hashes that are tied to potential passwords.

      Once the attacker has the hash, they run it against the table (which they can do offline and therefore won’t go against password attempts); once they find a hash that matches in their table, they use that to log in.

      I feel my explanations are not the best, but the theory behind it is sound.

  1. meac says:

    First of all, some definitions:
    RAINBOW TABLE ATTACK
    • A rainbow table is used to attack a hashed password in reverse. That means I have a table with possible hashes and look up a matching password.
    • A rainbow table is generally an offline only attack.
    • Cryptography for storing important data such as passwords in a database.
    • It uses fewer compute cycles than any other form of attack.

    BRUTE FORCE ATTACK
    • A brute force attack is primarily used against the encryption algorithm itself.
    • This attack can be both Online and offline.
    • Offline can be done if you obtain a dump of the /etc/password file to try all possible passwords at a machine in your basement (offline).
    • Online is when you keep trying a bunch of default/popular passwords at the command prompt of the server (online) until you succeed. This can be mitigated by a proper password policy implementation (such as the number of tries before the account gets locked).
    • It uses a lot of compute cycles.

    DICTIONARY ATTACK
    • A dictionary attack means that you probe only passwords/keys from a dictionary (which does not contain the complete keyspace).
    • So it is an attack against the password itself (and not the algorithm).
    • It uses a lot of compute cycles.

    Now let’s take a look at the answers:

    A. Rainbow table attacks greatly reduce compute cycles at attack time. CORRECT
    B. Rainbow tables must include precomputed hashes. CORRECT
    C. Rainbow table attacks do not require access to hashed passwords. INCORRECT. The nature of a rainbow table is to attack the hashes.
    D. Rainbow table attacks must be performed on the network. INCORRECT. Rainbow table attacks are offline attacks, hence not performed on the network.
    E. Rainbow table attacks bypass maximum failed login restrictions. INCORRECT. None of the attacks bypass the “maximum failed login restrictions”. In addition to that, in order to bypass the “maximum failed login restrictions” the attack by definition must be an online attack. Since rainbow table attacks are offline, the “maximum failed login restrictions” do not even enter into the equation.

    So as far as I can see, it is A & B.

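The trade-off both comments describe (precomputed hashes, offline lookup, compute cycles at attack time), shown as an added example that is not part of the original page or of either comment. It assumes a constructed 4-digit PIN keyspace, uses a plain hash-to-password lookup in place of true rainbow chains, and uses SHA-256 only for illustration; all function names are hypothetical.

```python
import hashlib
import os

# Constructed toy keyspace: every 4-digit PIN (10,000 candidates).
KEYSPACE = [f"{n:04d}" for n in range(10_000)]

def sha256_hex(data: bytes) -> str:
    # Fast hash used only to keep the demo short; real password storage
    # should use a slow, salted KDF such as bcrypt, scrypt or Argon2.
    return hashlib.sha256(data).hexdigest()

def build_table() -> dict:
    """One-time precomputation: hash -> candidate password.
    A real rainbow table stores hash chains instead of every pair to save
    space, but the work is moved ahead of attack time in the same way."""
    return {sha256_hex(p.encode()): p for p in KEYSPACE}

def table_lookup(table: dict, target_hash: str):
    """With precomputation: no hashing at attack time, just one lookup."""
    return table.get(target_hash), 0

def brute_force(target_hash: str, salt: bytes = b""):
    """Without precomputation: hash candidates until one matches.
    Returns (password, number_of_hashes_computed)."""
    for hashes_done, p in enumerate(KEYSPACE, start=1):
        if sha256_hex(salt + p.encode()) == target_hash:
            return p, hashes_done
    return None, len(KEYSPACE)

def store_salted(password: str, salt=None):
    """Defender side: a random per-user salt means the stored hash is not
    in any table that was precomputed without that salt."""
    salt = os.urandom(16) if salt is None else salt
    return salt, sha256_hex(salt + password.encode())

if __name__ == "__main__":
    table = build_table()
    unsalted = sha256_hex(b"7351")          # constructed sample hash
    salt, salted = store_salted("7351")
    print("lookup, unsalted:", table_lookup(table, unsalted))
    print("brute,  unsalted:", brute_force(unsalted))
    print("lookup, salted:  ", table_lookup(table, salted))
    print("brute,  salted:  ", brute_force(salted, salt))
```

Both approaches work on a hash that has already been obtained, so neither touches the login prompt; the salted case shows why per-user salts force the work back to attack time.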
