Which password-cracking technique relies on precomputed hashes to speed up cracking attempts?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the EC-Council Certified Ethical Hacker (CEH) Certification. Master concepts with flashcards and multiple choice questions, each enriching your understanding. Ready yourself to succeed in your exam!

Multiple Choice

Which password-cracking technique relies on precomputed hashes to speed up cracking attempts?

Explanation:
Rainbow tables rely on precomputed hash values to speed up password cracking. Instead of hashing each guess as the attack runs, an attacker precomputes a vast collection of candidate passwords and their corresponding hashes, then stores them for quick lookup. When trying to crack a password, the attacker can simply search the table for the target hash to retrieve the likely plaintext password. To keep the table practical in size, rainbow tables use chain reductions: a hash is converted back to another candidate password, which is hashed again, and the process repeats, with only the start and end of each chain stored. This approach dramatically reduces real-time computation at the cost of large precomputation and storage, and it hinges on the absence of salting. If the target system uses unique salts (and strong hashing), the precomputed tables become ineffective because the same password will hash differently per user. In contrast, brute force exhausts all possibilities without precomputation, dictionary attacks use a predefined list of common passwords, and phishing is a social-engineering method rather than a hashing-based cracking technique.

Rainbow tables rely on precomputed hash values to speed up password cracking. Instead of hashing each guess as the attack runs, an attacker precomputes a vast collection of candidate passwords and their corresponding hashes, then stores them for quick lookup. When trying to crack a password, the attacker can simply search the table for the target hash to retrieve the likely plaintext password. To keep the table practical in size, rainbow tables use chain reductions: a hash is converted back to another candidate password, which is hashed again, and the process repeats, with only the start and end of each chain stored. This approach dramatically reduces real-time computation at the cost of large precomputation and storage, and it hinges on the absence of salting. If the target system uses unique salts (and strong hashing), the precomputed tables become ineffective because the same password will hash differently per user. In contrast, brute force exhausts all possibilities without precomputation, dictionary attacks use a predefined list of common passwords, and phishing is a social-engineering method rather than a hashing-based cracking technique.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy