
Brute Force Attack

Definition: Attempts to determine a secret by trying every possible combination.

Qualities:

• The number of attempts is limited by the maximum length and the number of characters to try per position (or per byte if considering Unicode passwords)

• The time to complete is greater, but so is the coverage of likely cleartext values (all possibilities are covered only if the maximum length is used and every possible character is considered in every position)

Rainbow Table

Definition: A rainbow table attack is a password cracking method that uses a special table (a “rainbow table”) to crack the password hashes in a database. Applications don’t store passwords in plaintext, but instead store a hash of each password. When the user enters their password to log in, it is hashed and the result is compared with the stored hash on the server to look for a match. If they match, the user is authenticated and able to log in to the application.

Rainbow Table versus Brute Force:

1. A rainbow table is generally an offline-only attack. In a brute force attack or dictionary attack, you need to spend time either sending your guess to the real system or running through the algorithm offline. Given a slow hashing or encryption algorithm, this wastes time. Also, the work being done cannot be reused.

A rainbow table is a precomputed listing. You actually work backwards from the hashed/encrypted text. The attacker runs the algorithm to get every possible output for every possible input. The list of inputs may be brute force, dictionary, or hybrid. Based on the list of outputs, the attacker now has a reusable table mapping inputs to known outputs.

With the precomputed table, a simple lookup is now possible given the encrypted/hashed version of the password. If you can find the victim's encrypted/hashed version, you can easily return the real plaintext password. Rainbow tables are used to reduce redundant work. There is a trade-off between doing the work up front and storing the tables. For example, if you were just doing a brute force or a dictionary attack, you can stop as soon as you find your answer. However, the rainbow table must be fully calculated.

2. A brute force attack means probing the complete key space on the algorithm.

A rainbow table is used to attack a hashed password in reverse. That means the attacker has a table of possible hashes and looks up the matching password.

3. Brute Force Attack: Does not use a list of passwords; instead, it aims at trying all possible combinations in the password space.

Rainbow table: Not directly linked to a brute force or dictionary attack. It is very important not to store the password (in a DB or file) in plain text. The passwords are hashed using secure hash functions like scrypt, and this hash is stored. A rainbow table attack is a method that aims at recovering the plain text of the password from the hashed value (to thwart the attack, one adds unique values, called salts, while hashing).
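The contrast in the notes above, as an added example (not part of the original notes): a precomputed hash-to-plaintext table over a constructed toy key space is built once and reused with a single lookup, a brute force search over the same key space re-hashes candidates until it hits, and a per-user salt puts the stored hash outside the precomputed table so the up-front work cannot be reused. The 3-character lowercase key space, SHA-256 and the sample password are assumptions chosen to keep the run short.

```python
import hashlib
import itertools
import secrets
import string

# Constructed toy key space: up to 3 lowercase letters (26 + 676 + 17,576
# candidates), small enough that the whole table builds in well under a second.
ALPHABET = string.ascii_lowercase
MAX_LEN = 3


def brute_force_keyspace(alphabet=ALPHABET, max_len=MAX_LEN):
    """Every candidate up to max_len: the complete key space a brute force probes."""
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            yield "".join(combo)


def sha256_hex(text):
    return hashlib.sha256(text.encode()).hexdigest()


def build_lookup_table(candidates):
    """Precompute hash -> plaintext once (the 'precomputed listing' of the notes).
    The table must be fully calculated, but is then reusable for any unsalted
    hash drawn from this key space."""
    return {sha256_hex(pw): pw for pw in candidates}


def table_lookup(table, target_hash):
    """Offline attack: one dictionary lookup, no hashing at attack time."""
    return table.get(target_hash)


def brute_force_crack(target_hash, candidates):
    """Re-hash candidates in order and stop at the first match.
    Returns (plaintext or None, number of hashes computed)."""
    count = 0
    for count, pw in enumerate(candidates, start=1):
        if sha256_hex(pw) == target_hash:
            return pw, count
    return None, count


def salted_hash(password, salt):
    """Defender side: a unique per-user salt is hashed with the password."""
    return sha256_hex(salt + password)


def demo(password="zzy"):
    """Returns (table hit, brute force hit, brute force tries, salted table hit)."""
    table = build_lookup_table(brute_force_keyspace())
    stored = sha256_hex(password)  # constructed victim hash, unsalted
    from_table = table_lookup(table, stored)
    from_brute, tries = brute_force_crack(stored, brute_force_keyspace())
    salted = salted_hash(password, secrets.token_hex(8))  # same password, salted
    return from_table, from_brute, tries, table_lookup(table, salted)
```

The last element returned by `demo()` is `None`: the salted hash is not in the table, so the attacker would have to rebuild it per salt, which is exactly the redundant work the table was meant to avoid.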
