Rainbow-tables are huge collections of precalculated hash-values. On the previous page we misused Google as a rainbow-table, to find the matching password. To be precise we should call them "lookup-tables", rainbow-tables are more complex, but the idea behind is the same.
An example rainbow-table could look something like this:
Password | MD5-Hash |
---|---|
... | ... |
treasure | 82210e61e8f415525262575b20fae48d |
treasureisland | 736417aff94df6884ea929e7014816a2 |
treasuremap | 6ccd076d0eea636418c596eea8b7acf9 |
... | ... |
Lets make a rainbow-table containing all words from an English dictionary (≈150'000), all names from a telephone book (≈5'000'000), and all combinations of characters up to 6 places (19'770'609'664). We end up in a table with 19'775'759'664 precalculated hashes.
Nowadays often video cards (GPU) are used to find hash-values, because they can do extremely fast parallel calculations. An off-the-shelf GPU can handle about ~50 Giga MD5 hash-values per second (in 2021), to build our example rainbow-table we would therefore need only 0.4 seconds!