CompTIA Security+ Exam SY0-601: Salting of Passwords and Cryptographic Attacks

Question

Which of the following cryptographic attacks would salting of passwords render ineffective?

Answers

Explanations

A. B. C. D.

C.

Salting is the process of adding random data, known as a salt, to a password before it is hashed. The salt is used to make the resulting hash unique even if the password being hashed is common. This makes it harder for attackers to use precomputed tables, such as rainbow tables, to crack hashed passwords.

Out of the options given, salting of passwords would render the rainbow table attack ineffective.

A rainbow table attack involves precomputing a large number of hashes for possible passwords and storing them in a table. The attacker can then look up a stolen password hash in the table to find the original password. However, if a salt is added to the password before it is hashed, the resulting hash will be unique even for the same password. This means that the precomputed hashes in the rainbow table will not be useful to the attacker.
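
The effect described above, as an added example that is not part of the original page: two accounts with the same password get different stored hashes once salted, and a table precomputed without the salt no longer matches. SHA-256, the 16-byte salt, the sample password list and all function names are assumptions of this example, and a plain dictionary stands in for the precomputed table.

```python
import hashlib
import hmac
import os

# Constructed sample data: stands in for the inputs a precomputed table covers.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein"]

def unsalted_hash(password: str) -> str:
    """Hash with no salt: the same password always gives the same hash."""
    return hashlib.sha256(password.encode()).hexdigest()

def hash_with_salt(password: str, salt: bytes) -> str:
    """Hash the salt followed by the password."""
    return hashlib.sha256(salt + password.encode()).hexdigest()

def new_record(password: str) -> tuple:
    """Create the (salt, hash) pair a server stores for one account."""
    salt = os.urandom(16)  # fresh random salt per account
    return salt, hash_with_salt(password, salt)

def verify(password: str, record: tuple) -> bool:
    """Check a login attempt against a stored (salt, hash) record."""
    salt, stored = record
    return hmac.compare_digest(hash_with_salt(password, salt), stored)

# Table computed once, in advance, without knowledge of any salt.
PRECOMPUTED = {unsalted_hash(p): p for p in COMMON_PASSWORDS}

def table_lookup(stored_hash: str):
    """Return the password if the hash is in the precomputed table, else None."""
    return PRECOMPUTED.get(stored_hash)

def demo() -> dict:
    alice = new_record("password")
    bob = new_record("password")  # same password, different salt
    return {
        "unsalted_hit": table_lookup(unsalted_hash("password")),
        "salted_hit": table_lookup(alice[1]),
        "same_password_same_hash": alice[1] == bob[1],
        "login_ok": verify("password", alice),
        "wrong_login": verify("qwerty", alice),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```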

Brute force and dictionary attacks are not rendered completely ineffective by salting, but they are made more difficult. A brute force attack involves guessing every possible combination of characters until the correct password is found. With a salt, the attacker must guess the salt as well as the password. This means that the attacker will need to do more computations for each guess, making the attack slower and more difficult.

A dictionary attack involves using a list of common passwords to guess the correct password. With a salt, the attacker must create a new list of possible passwords for each salt, making the attack slower and more difficult.

A birthday attack is a type of cryptographic attack that takes advantage of the birthday paradox, which states that in a group of 23 or more people, there is a greater than 50% chance that two people have the same birthday. This attack is not related to password hashing and would not be affected by salting.

In summary, salting makes rainbow table attacks ineffective but only makes brute force and dictionary attacks more difficult.