What is a Rainbow Table Attack? How To Protect Against It?

There are several ways that hackers can steal passwords, and even encrypted credentials might be vulnerable to attacks.

What Is a Rainbow Table Attack?

A rainbow table attack is a type of attack used to crack password hashes through the use of a precomputed table of common passwords and their hashes, allowing an attacker to discover the original password. Password databases typically “hash” passwords, applying a one-way function so that the stored values cannot be used to sign into user accounts if that database is stolen. Rainbow table attacks rely on precomputed tables called rainbow tables that are built from these hashes. By using these tables, an attacker can reverse a hashed password back to its plaintext form more efficiently than by using brute-force methods or simple lookup tables.

A rainbow table is a precomputed set of hash values used to crack password databases that do not store their information as plaintext. These tables allow attackers to access secure systems without guessing a password.

To generate a rainbow table, the attacker first creates “chains” of hash values. Each chain starts from a known plaintext value, applies the hash function to get the corresponding hash value, then applies a reduction function that maps that hash back to another candidate password, and repeats these two steps; only the start and end of each chain are stored, which is what keeps the table far smaller than a plain lookup table. The attacker then compares hashed values from a stolen database against the table, and when a matching hash value is found, regenerates the chain to recover the corresponding password, which can be used to log in to the target system or access the user’s sensitive information.

Rainbow tables are practical because they can be precomputed for a specific hash function and password length and reused across multiple targets using the same hash function. This means the attacker doesn’t need to generate new rainbow tables for each target, making the attack more efficient.

What Are Some Real-World Examples of Rainbow Table Attacks?

  • LinkedIn: In 2012, hackers accessed a database containing over 6.5 million hashed passwords from the social networking site LinkedIn. They then used rainbow tables to crack the passwords and leaked them online, exposing millions of user accounts.
  • Adobe Systems: In 2013, hackers accessed a database containing over 150 million encrypted passwords from Adobe Systems. The passwords were encrypted using a weak hashing algorithm, making them easy to crack using Rainbow Tables.
  • Ubuntu Forums: In 2013, the Ubuntu Forums website was hacked, and the attackers obtained a database containing over 1.8 million usernames and hashed passwords. They used brute force and Rainbow Tables to crack the passwords and gain access to the user accounts.

How Can I Protect Against Rainbow Table Attacks?

There are several ways to protect against Rainbow Table attacks:

  • Use Good Password Hygiene: The strength of a password is crucial in protecting against Rainbow Table attacks. The longer and more complex a password is, the more difficult it will be for attackers to guess or crack it. It’s also important to use a different password for each account so that the others will still be secure if one password is compromised.
  • Use Hash Salting: A salted hash is a password combined with a random value before being hashed. This makes it much more difficult for attackers to use precomputed Rainbow Tables to crack passwords because the salt value will differ for each password, even if the passwords are identical.
  • Use a Strong Encryption Method: When storing passwords or other sensitive information, use a robust encryption method to protect it. Algorithms like AES or RSA can provide strong protection against unauthorized access and should be used in conjunction with other security measures.
  • Implement Multi-Factor Authentication: Two-factor authentication adds extra security to the authentication process by requiring users to provide a second piece of information in addition to their password, such as a one-time code generated by a smartphone app or sent via SMS.
  • Update Database and Encryption Software: Attackers can exploit software vulnerabilities to gain unauthorized access to systems or information. It’s important to keep all software and systems up to date with the latest security patches and updates to prevent Rainbow Table attacks and other types of cyber attacks.
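As an added example that is not part of the original article, the following Python script shows why hash salting defeats a precomputed table: a constructed five-entry wordlist stands in for the attacker’s table, an unsalted SHA-256 hash is recovered with a single lookup, while the same password stored under a random per-user salt and a slow key-derivation function (PBKDF2-HMAC-SHA256 from the standard library) produces a digest the table cannot match. The function names and wordlist are assumptions of this example.

```python
import hashlib
import hmac
import secrets

# Constructed toy wordlist standing in for the input to an attacker's precomputed table
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein", "welcome1"]


def unsalted_hash(password):
    """Weak scheme: a plain hash with no per-user randomness."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def build_precomputed_table(words):
    """Computed once, reusable against any database that stores unsalted hashes."""
    return {unsalted_hash(w): w for w in words}


def lookup(table, stored_hash):
    """Recover the plaintext with a single dictionary lookup, or None if absent."""
    return table.get(stored_hash)


def salted_hash(password, salt=None, iterations=200_000):
    """Hardened scheme: 16-byte random salt plus a slow KDF (PBKDF2-HMAC-SHA256)."""
    if salt is None:
        salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, iterations, digest


def verify_salted(password, salt, iterations, digest):
    """Recompute with the stored salt and iteration count; compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, digest)


def demo():
    table = build_precomputed_table(COMMON_PASSWORDS)
    stolen = unsalted_hash("letmein")            # what an unsalted database leaks
    cracked = lookup(table, stolen)              # -> "letmein"

    # Two users choose the same password; salting gives each a different digest,
    # so the precomputed table matches neither and cannot be reused across users.
    salt1, it1, d1 = salted_hash("letmein")
    _, _, d2 = salted_hash("letmein")
    table_hit_on_salted = lookup(table, d1.hex())  # -> None
    return cracked, d1 == d2, table_hit_on_salted, verify_salted("letmein", salt1, it1, d1)


if __name__ == "__main__":
    print(demo())
```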

How Do Rainbow Table Attacks Differ From Other Forms of Cracking?

Rainbow tables, brute force, and dictionary attacks are methods used by attackers to crack passwords, but they differ in their approach and effectiveness.

  • A brute force attack works by trying all possible combinations of characters in a password until the correct password is found. This method is very time-consuming, as it can take a very long time to try all possible combinations. However, it can still be effective against weak passwords.
  • A dictionary attack, on the other hand, works by trying a list of commonly used passwords, dictionary words, or variations of these words. This method is faster than a brute force attack because it tries only a subset of the possible combinations, but it’s less effective against complex or unique passwords.

As we can see, the rainbow table doesn’t rely on “guessing” in the same way as brute force or dictionary attacks. Also, rainbow tables, unlike the other two options, can potentially break through protective cryptography.

Strengthen Authentication Against Rainbow Table Attacks with 1Kosmos

One of the key weak points of an identity management system is the database: specifically, when a hacker gets access to a database dump, they can run different techniques, like a rainbow table attack, against that information.

1Kosmos mitigates these issues by decentralizing identity management. Our decentralized blockchain system removes database honeypots while placing ownership of identity back into the hands of users. The result? Strong, compliant authentication that’s secure today, tomorrow, and into the future.

With 1Kosmos BlockID, you get the following security and usability features:

  • Identity-Based Authentication: We push biometrics and authentication into a new “who you are” paradigm. BlockID uses biometrics to identify individuals, not devices, through credential triangulation and identity verification.
  • Cloud-Native Architecture: Flexible and scalable cloud architecture makes it simple to build applications using our standard API and SDK.
  • Identity Proofing: BlockID verifies identity anywhere, anytime and on any device with over 99% accuracy.
  • Privacy by Design: Embedding privacy into the design of our ecosystem is a core principle of 1Kosmos. We protect personally identifiable information in a distributed identity architecture and the encrypted data is only accessible by the user.
  • Private and Permissioned Blockchain: 1Kosmos protects personally identifiable information in a private and permissioned blockchain, encrypts digital identities, and is only accessible by the user. The distributed properties ensure no databases to breach or honeypots for hackers to target.
  • Interoperability: BlockID can readily integrate with existing infrastructure through its 50+ out-of-the-box integrations or via API/SDK.

Sign up for our newsletter to learn more about how BlockID can support real security and help mitigate phishing attacks. Also, read our whitepaper on how to Go Beyond Passwordless Solutions.

Meet the Author

Javed Shah

Former Senior Vice President Of Product Management

Javed has spent his entire twenty-year career designing and building blockchain and identity management solutions. He has led large customer-facing pre-sales teams and led product management for identity management platforms like the ForgeRock Identity Platform and the ForgeRock Identity Cloud. Javed has an MBA from UC Berkeley.