Rainbow Table

The principle is to start from a word and generate a hash, then from this hash the algorithm generate a new word (or password) which will be hashed. This step is called reduction. This hash will be used to generate a new password and with several repetitions like that we have what is called a chain. To get a rainbow table we generate a number of chains like that and then we reduce them ( otherwise it would be kind of a dictionary attack), meaning we only keep the first and the last term of each chain. Then when the attacker wants to find the password corresponding to a hash, he looks if it is in the rainbow table. If not he applied the reduction algorithm to the hash, get a new password and a new corresponding hash and search it in the table. When he finally find a hash which is in the table, the attacker regenerate the corresponding chain and knows that his first hash and corresponding password is in it. See labs section.