I came across this problem in Bruce Schneider book.
We know that Rain bow tables can be used on stored hashes. Suppose a file (English text)is encrypted using a password, using the following scheme.
The password is hashed and the hash is used to encrypt the file via AES. The cipher is stored, and the password and hashes are thrown away. Explain: 1. How Dictionary attacks can be used to recover the password. 2. Why rainbow tables are not usable? 3. How rainbow table can be used, if the file has a known standard header.
I could understand question 1 and 2. But I couldn't get around with 3. Please help.
Question 3 is about a crib, a known plain text attack. You need to know some clear text in order to know if the decryption was successful and if the tried key is correct.