Timeline for answer to Couldn't we create a string that produces the same hash as another string in SHA-256? by user3067860
Current License: CC BY-SA 4.0
Post Revisions
3 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Aug 14, 2020 at 5:53 | comment | added | Artelius | @Michael Although everything else is valid, this answer doesn't explain rainbow tables correctly. They do not store one input for every possible output (that would be more terabytes than stars in the universe, even for MD5.) Rainbow tables involve precomputing (let's say) a million hashes and storing (say) 1000 of them. Using a clever algorithm, those million can be reconstructed using a lot of work—but much less work than pure brute force. Rainbow tables are simply leverage to attack somewhat longer passwords when it's infeasible to store precomputed tables of that size. | |
| Aug 13, 2020 at 9:15 | comment | added | clockw0rk | I guess it was way easier to just hash a password like hash("hello123"); and then brute force email-adresses or usernames until you find somebody stupid enough to use "hello123" as a password | |
| Aug 12, 2020 at 16:48 | history | answered | user3067860 | CC BY-SA 4.0 |