You should read Part 1 before continuing with this article, if you haven’t already. Also, fair warning that this article is gonna get a fair bit more complex than the last one.

In the last article we discussed the difference between lookup tables and Precomputed Hash Chains. In this article we’ll discuss the problems with basic PHC tables, and how Rainbow Tables solve them.

Probability & Efficiency

Try this experiment: roll a dice repeatedly, with the goal of rolling each possibility at least once. On the first roll, the chance of a “collision” (rolling something you’ve already rolled before, therefore wasting that roll)…


Note: To understand this article, you‘ll need to understand password hashing and cracking first. Rainbow Tables are a very interesting but also fairly complex data structure, so if you aren’t interested in CompSci, you probably won’t be into this article.

Rainbow Attack by TheeWeguy

Rainbow Tables != Lookup Tables

Many people use “rainbow table” to refer to “a lookup table of password hashes”, but in reality a rainbow table is a far more complex, and more interesting technology. This article will discuss the problem with lookup tables, and how rainbow tables solve it. …

Ryan Sheasby

Information Security Consultant, Passionate about AppSec, algorithms, Go, and ZFS, among lots of other things.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store