Pre-computed Dictionary Attack
It is possible to achieve a time-space tradeoff by pre-computing a list of hashes of dictionary words, and storing these in a database using the hash as the key. This requires a considerable amount of preparation time, but allows the actual attack to be executed faster. The storage requirements for the pre-computed tables were once a major cost, but are less of an issue today because of the low cost of disk storage. Pre-computed dictionary attacks are particularly effective when a large number of passwords are to be cracked. The pre-computed dictionary need only be generated once, and when it is completed, password hashes can be looked up almost instantly at any time to find the corresponding password. A more refined approach involves the use of rainbow tables, which reduce storage requirements at the cost of slightly longer lookup times. See LM hash for an example of an authentication system compromised by such an attack.
Pre-computed dictionary attacks can be thwarted by the use of salt, a technique that forces the hash dictionary to be recomputed for each password sought, making precomputation infeasible provided the number of possible salt values is large enough.
Read more about this topic: Dictionary Attack
Famous quotes containing the words dictionary and/or attack:
“The much vaunted male logic isn’t logical, because they display prejudices—against half the human race—that are considered prejudices according to any dictionary definition.”
—Eva Figes (b. 1932)
“Adolescents swing from euphoric self-confidence and a kind of narcissistic strength in which they feel invulnerable and even immortal, to despair, self-emptiness, self-deprecation. At the same time they seem to see an emerging self that is unique and wonderful, they suffer an intense envy which tears narcissism into shreds, and makes other people’s qualities hit them like an attack of lasers.”
—Terri Apter (20th century)