Editing Dictionary attack (section)

==Pre-computed dictionary attack/Rainbow table attack==
It is possible to achieve a [[time–space tradeoff]] by [[pre-computing]] a list of [[Cryptographic hash function|hashes]] of dictionary words and storing these in a database using the hash as the [[Unique key|key]]. This requires a considerable amount of preparation time, but this allows the actual attack to be executed faster. The storage requirements for the pre-computed tables were once a major cost, but now they are less of an issue because of the low cost of [[disk storage]]. Pre-computed dictionary attacks are particularly effective when a large number of passwords are to be cracked. The pre-computed dictionary needs be generated only once, and when it is completed, password hashes can be looked up almost instantly at any time to find the corresponding password. A more refined approach involves the use of [[rainbow table]]s, which reduce storage requirements at the cost of slightly longer lookup-times. ''See'' [[LM hash]] for an example of an [[Authentication protocol|authentication system]] compromised by such an attack.

Pre-computed dictionary attacks, or "rainbow table attacks", can be thwarted by the use of [[Salt (cryptography)|salt]], a technique that forces the hash dictionary to be recomputed for each password sought, making [[precomputation]] infeasible, provided that the number of possible salt values is large enough.<ref>{{Cite web|title=CAPEC - CAPEC-55: Rainbow Table Password Cracking (Version 3.5)|url=https://capec.mitre.org/data/definitions/55.html|access-date=2021-09-12|website=capec.mitre.org}}</ref>