Formation of Rainbow Table
When a rainbow table is generated, a rainbow hash chain is built. A plaintext is passed through a hash function to generate a hash. A reduction function then turns that hash into a new plaintext of fixed length. This plaintext is not the original password. The same process is then repeated: the new plaintext is hashed, and the resulting hash is passed through the reduction function to get another plaintext. This is how a rainbow table chain is formed. After this, the start and end plaintexts of the chain are stored in the table.
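The chain formation described above, as an added Python example (not code from this article or from WinRTGen). The 4-digit keyspace, MD5, the chain length and all function names are assumptions chosen so it runs in seconds; the lookup step goes slightly beyond the text to show how the stored start and end plaintexts are used.

```python
import hashlib

# Assumed toy parameters (not from the article): 4-digit PINs, MD5, short chains.
KEYSPACE = 10 ** 4
CHAIN_LEN = 50

def h(plaintext: str) -> bytes:
    """Hash function: plaintext -> hash."""
    return hashlib.md5(plaintext.encode()).digest()

def reduce_fn(digest: bytes, step: int) -> str:
    """Reduction function: hash -> fixed-length plaintext (not the original password).
    Mixing in the step number gives each chain position its own reduction."""
    return f"{(int.from_bytes(digest[:8], 'big') + step) % KEYSPACE:04d}"

def build_chain(start: str) -> str:
    """Alternate hash and reduce CHAIN_LEN times; return the end plaintext."""
    p = start
    for step in range(CHAIN_LEN):
        p = reduce_fn(h(p), step)
    return p

def build_table(starts):
    """Only the start and end plaintext of each chain are stored (end -> start)."""
    return {build_chain(s): s for s in starts}

def lookup(table, target: bytes):
    """Guess the target's position in a chain, walk to the chain end, and if that
    end is stored, replay the chain from its start to find the plaintext."""
    for pos in range(CHAIN_LEN - 1, -1, -1):
        p = reduce_fn(target, pos)
        for step in range(pos + 1, CHAIN_LEN):
            p = reduce_fn(h(p), step)
        if p in table:  # may be a false alarm, so verify by replaying
            cand = table[p]
            for step in range(CHAIN_LEN):
                if h(cand) == target:
                    return cand
                cand = reduce_fn(h(cand), step)
    return None  # hash is not covered by any stored chain

if __name__ == "__main__":
    table = build_table(f"{i:04d}" for i in range(0, KEYSPACE, 25))
    target = h("4821")  # constructed sample hash
    print(len(table), "chains stored; lookup ->", lookup(table, target))
```

A `None` result means the hash is not covered by the stored chains, which happens whenever the plaintext falls outside the keyspace the table was generated for.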
How To Generate Rainbow Table Using WinRTGen?
Rainbow tables are large sets of pre-computed hashes used for reversing cryptographic hash functions, generally for password cracking. They make password cracking easy. Rainbow tables can be used to recover many types of password hashes, for example MD4, MD5 and SHA1. In simpler terms, rainbow tables are lookup tables against which a password hash is compared in order to recover (crack) the password. Passwords are mostly stored as one-way hashes. When a password is created, the computer stores a one-way hash of the password that obfuscates it. The hash is designed so that no algorithm can reverse it to plaintext, so the original plaintext cannot be obtained from it.
- Rainbow tables work on the principle of a time-memory tradeoff: they use less computer processing time and more computer storage than brute-force or dictionary attacks, which calculate a hash on every attempt, but more processing time and less storage than a simple lookup table with one entry per hash.
- Rainbow tables can be generated once and can be used multiple times on different password hashes. Different rainbow tables can be generated for different encryption types and character sets.
- Rainbow tables can be quite big: their sizes vary from a couple of gigabytes to terabytes, depending on the encryption format, password length, etc.