A Hybrid Classical-Quantum Rainbow Table Attack on Human Passwords

TL;DR

This paper introduces a hybrid classical-quantum attack method using rainbow tables and Grover's algorithm to more efficiently crack long, human-generated passwords, addressing challenges posed by their complexity and real-world variability.

Contribution

It presents a novel hybrid attack combining rainbow tables with distributed Grover's algorithm tailored for complex human passwords, improving efficiency and noise robustness.

Findings

Enhanced password recovery efficiency

Reduced quantum circuit depth for near-term devices

Better modeling of real-world password behavior

Abstract

Long, human-generated passwords pose significant challenges to both classical and quantum attacks due to their irregular structure and large search space. In this work, we propose an enhanced classical-quantum hybrid attack specifically designed for this scenario. Our approach constructs rainbow tables using dictionary-based password generation augmented with transformation rules that better capture real-world user behavior. These tables are organized into buckets, enabling faster lookup and reduced space complexity. For the search within each bucket, we employ a distributed exact variant of Grover's algorithm. This method provides deterministic success and significantly lower circuit depth, enhancing robustness against noise-particularly depolarizing errors common in near-term quantum devices. Overall, our hybrid framework improves the efficiency and practicality of password recovery for long, human-readable passwords in realistic adversarial settings.