tag:blogger.com,1999:blog-3426308754865054242.post7806001578834603981..comments2014-11-04T07:51:04.311-08:00Comments on Unchained Mysteries: Password Storing and Rainbow Table BaiscsAnonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-3426308754865054242.post-7914069493010119342014-11-04T07:51:04.311-08:002014-11-04T07:51:04.311-08:00Thanks Rajesh for taking out time and reading thro...Thanks Rajesh for taking out time and reading through my blog. I will try to answer your questions...<br /><br />It depends upon whether you have RAINBOW tables for the SHA family or not. Rainbow tables is a technique. Though it is available for SHA1 i have not done much research on whether it is available for others or not. The whole point is, keeping in mind the complexity if you are able to compute a Rainbow table for the same you will be able to crack.<br /><br />Hashes are way far better than plain text. The more important the data is the more complex algos are being suggested. MD5 which was once a very secure is no more today. With the technology evolving we also have to evolve to create more strong algos which are not susceptible for hash clashes or easily crack able trough RAINBOW tables.<br /><br />Offline attacks are one of their kind. The one thing which they gives the bad guys is plenty of time:) And as they say. Anything is crack able when you have ample amount of time. I will say make the infra so string that they dont get anything offline:)<br /><br />Hope this helps:):) Feel free to shoot questions. I will be more than happy to have a healthy discussionAnonymoushttps://www.blogger.com/profile/10272096505195485984noreply@blogger.comtag:blogger.com,1999:blog-3426308754865054242.post-39813887048564978842014-10-20T05:57:31.223-07:002014-10-20T05:57:31.223-07:00Good Read. Got some questions
1) Is SHA-1, SHA-2 ...Good Read. Got some questions<br /><br />1) Is SHA-1, SHA-2 and other families of SHA prone to rainbow table attacks<br />2) If rainbow tables are so predominant why are hashes are still being suggested by Ethical hackers as best practice<br />3) What are the best practices to mitigate from offline attacksRajesh Sikchihttps://www.blogger.com/profile/17923749024269116534noreply@blogger.comtag:blogger.com,1999:blog-3426308754865054242.post-44693198864209612072014-09-15T09:02:11.460-07:002014-09-15T09:02:11.460-07:00Awesome Bro....
Truely Enlightening!! :)Awesome Bro....<br />Truely Enlightening!! :)Anonymoushttps://www.blogger.com/profile/04198717792708909863noreply@blogger.com