Interleaving Cryptanalytic Time-memory Trade-offs on Non-Uniform Distributions

Abstract : Cryptanalytic time-memory trade-offs (TMTO) are well-known tools available in any security expert toolbox. They have been used to break ciphers such as A5/1, but their efficiency to crack passwords made them even more popular in the security community. While symmetric keys are generated randomly according to a uniform distribution, pass- words chosen by users are in practice far from being random, as con- firmed by recent leakage of databases. Unfortunately, the technique used to build TMTOs is not appropriate to deal with non-uniform distribu- tions. In this paper, we introduce an efficient construction that consists in partitioning the search set into subsets of close densities, and a strategy to explore the TMTOs associated to the subsets based on an interleaved traversal. This approach results in a significant improvement compared to currently used TMTOs. We experimented our approach on a classical problem, namely cracking 7-character NTLM Hash passwords using an alphabet with 34 special characters, which resulted in a 16 × speedup over rainbow tables, which are considered as the most efficient variant of time-memory trade-offs.
Document type :
Conference papers
Liste complète des métadonnées
Contributor : Cédric Lauradoux <>
Submitted on : Tuesday, September 15, 2015 - 8:08:01 AM
Last modification on : Thursday, April 4, 2019 - 10:18:05 AM


  • HAL Id : hal-01199151, version 1


Gildas Avoine, Xavier Carpent, Cédric Lauradoux. Interleaving Cryptanalytic Time-memory Trade-offs on Non-Uniform Distributions. European Symposium on Research in Computer Security - ESORICS 2015, Sep 2015, Vienna, Austria. ⟨hal-01199151⟩



Record views