Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

Re^3: Creating a rainbow table for a ten-digit number: Advice?

by jethro (Monsignor)
on Apr 11, 2010 at 19:01 UTC ( #834125=note: print w/replies, xml ) Need Help??


in reply to Re^2: Creating a rainbow table for a ten-digit number: Advice?
in thread Creating a rainbow table for a ten-digit number: Advice?

I should have formulated that better, my previous post can be misunderstood quite easily. Luckily ww said it much better.

But you are right, my answer isn't really what you were looking for. You seem to need to collect the data over a long time on laptops and the secret database should not be connected while this is happening, right?

Your scheme is a really nice idea, but has problems. Let me elaborate:

Lets say you have chosen a salt. Nobody else can construct a rainbow table in a sensible timeframe without knowing the salt.

But an attacker needs to know only one of those unique numbers you want to keep secret and access to your data on the laptop to find out the salt. He just encrypts the number he knows combined with possible salt values until he finds a encrypted number where there is a corresponding data set

So you need to use a really big salt, more like a password

That salt/password could be stored on the laptop, but then an attacker could just look into your script to find out the password

So you and the data collectors have to type in the salt/password every time they want to collect data. If the attacker gets hold of the laptop he can change the script to store the salt and send it to him or he can collect it later. Granted that is difficult but you still need to secure the laptops more than you might want to. And you have to trust the data collectors

So Xilmans idea to use public-key encryption is really the solution you are looking for with none of the above disadvantages

  • Comment on Re^3: Creating a rainbow table for a ten-digit number: Advice?

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://834125]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (9)
As of 2020-01-17 19:07 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Notices?