🛡️ Free practice test question from: Hashing (Security+)

Rainbow tables are precomputed tables that allow attackers to quickly reverse cryptographic hash functions. They're essentially massive lookup tables that can convert hashes back to their original passwords much faster than brute-force methods. → https://crackstation.net/

A) Switching to MD5 is not advisable as MD5 is also considered cryptographically broken and unsuitable for further use. Moreover, it does not address the fundamental issue of vulnerability to rainbow table attacks.

B) While encrypting hashed passwords adds an extra layer of security, it does not inherently prevent rainbow table attacks. If the encryption key is compromised, the attacker can decrypt the hashes and proceed with rainbow table attacks. Salting directly addresses the vulnerability by making each hash unique.

C) Increasing the hash output length does not prevent rainbow table attacks. Rainbow tables are based on the hash function and not the output length. Additionally, SHA-1 is already deprecated due to its vulnerabilities, and merely increasing the output length does not resolve its inherent weaknesses.

D) Is correct anwer. Salt is a unique, random string that is added to each password before hashing. This means:

→ Even if two users have the same password, their hashes will be different

→ Rainbow tables become ineffective because each hash is unique

→ Attackers would need to generate a new rainbow table for each salt

For example: