Penetration Testing mailing list archives

Re: [PEN-TEST] NT 4.0 and MD4 Hash


From: Alfred Huger <ah () SECURITYFOCUS COM>
Date: Wed, 6 Dec 2000 08:08:30 -0800

On Wed, 6 Dec 2000, Chris Paget wrote:

> Windows NT uses an MD5 hash, not MD4.
>
> MD4 has been cryptographically 'broken' (see
> http://www.rsasecurity.com/rsalabs/faq/3-6-6.html for more detail),
> while MD5 remains (to date) unbroken, at least in its entirety.



A few people have replied with this, however I am sure that it is not
correct. Quoted from:

"Choosing Strong Passwords" - Eric Shultze
 http://www.securityfocus.com/focus/microsoft/nt/1.html

"Passwords in NT environments are encrypted in two separate
fashions. NTLM hashes (used mainly for NT to NT authentication) are
created using MD4 encryption, while the LanMan hashes (used for Win9x and
other non-NT client authentication) are created using a known constant in
its encryption algorithm. (For a technical discussion of NT passwords,
check out L0pht's paper on the crypto behind NT passwords.) It is this
LanMan hash that creates the need for special length passwords."
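
The MD4-versus-MD5 question in this thread can be checked directly. The following is an added example, not part of the original messages: it computes the NT hash as MD4 over the UTF-16LE encoding of the password and compares both digests against the widely published NT hash of the sample password "password". The names `md4`, `nt_hash` and `which_digest` are made up for this illustration.

```python
import hashlib
import struct

M = 0xFFFFFFFF
R3 = (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15)  # round-3 word order

def _rol(x, n):
    return ((x << n) | (x >> (32 - n))) & M

def md4(data: bytes) -> bytes:
    """MD4 per RFC 1320, in pure Python (hashlib may not expose md4)."""
    msg = data + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)          # pad to 56 mod 64
    msg += struct.pack("<Q", (len(data) * 8) & 0xFFFFFFFFFFFFFFFF)
    a, b, c, d = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    for off in range(0, len(msg), 64):
        x = struct.unpack("<16I", msg[off:off + 64])
        aa, bb, cc, dd = a, b, c, d
        for i in range(48):                               # 3 rounds of 16 steps
            r, j = divmod(i, 16)
            if r == 0:
                f, k, s, t = (b & c) | (~b & d), j, (3, 7, 11, 19)[j % 4], 0
            elif r == 1:
                f = (b & c) | (b & d) | (c & d)
                k, s, t = (j % 4) * 4 + j // 4, (3, 5, 9, 13)[j % 4], 0x5A827999
            else:
                f, k, s, t = b ^ c ^ d, R3[j], (3, 9, 11, 15)[j % 4], 0x6ED9EBA1
            a, b, c, d = d, _rol((a + f + x[k] + t) & M, s), b, c
        a, b, c, d = (a + aa) & M, (b + bb) & M, (c + cc) & M, (d + dd) & M
    return struct.pack("<4I", a, b, c, d)

def nt_hash(password: str) -> str:
    """NT hash: unsalted MD4 of the UTF-16LE password, as hex."""
    return md4(password.encode("utf-16-le")).hex()

def which_digest(password: str, known_hash: str) -> str:
    """Report which digest of the UTF-16LE password reproduces known_hash."""
    pw = password.encode("utf-16-le")
    if md4(pw).hex() == known_hash:
        return "MD4"
    if hashlib.md5(pw).hexdigest() == known_hash:
        return "MD5"
    return "neither"

# Constructed sample input: the well-known NT hash of the string "password".
SAMPLE_NT_HASH = "8846f7eaee8fb117ad06bdd830b7586c"

if __name__ == "__main__":
    print(which_digest("password", SAMPLE_NT_HASH))
```

Because the hash is unsalted, two accounts with the same password always store the same value.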

