What is the algorithm used by LM for Windows2000 SAM?
A.
MD4
B.
DES
C.
SHA
D.
SSL
Explanation:
Okay,this is a tricky question. We say B,DES,but it could be A “MD4” depending onwhat their asking – Windows 2000/XP keeps users passwords not “apparently”,but as hashes,i.e.
actually as “check sum” of the passwords. Let’s go into the passwords keeping at large. The most
interesting structure of the complex SAM-file building is so called V-block. It’s size is 32 bytes and
it includes hashes of the password for the local entering: NT Hash of 16-byte length,and hash
used during the authentication of access to the common resources of other computers LanMan
Hash,or simply LM Hash,of the same 16-byte length. Algorithms of the formation of these hashes
are following:
NT Hash formation:
1.User password is being generated to the Unicode-line.
2.Hash is being generated based on this line using MD4 algorithm.
3.Gained hash in being encoded by the DES algorithm,RID (i.e. user identifier) had been used as
a key. It was necessary for gaining variant hashes for users who have equal passwords. You
remember that all users have different RIDs (RID of the Administrator’s built in account is 500,RID
of the Guest’s built in account is 501,all other users get RIDs equal 1000,1001,1002,etc.).
LM Hash formation:
1.User password is being shifted to capitals and added by nulls up to 14-byte length.
2.Gained line is divided on halves 7 bytes each,and each of them is being encoded separately
using DES,output is 8-byte hash and total 16-byte hash.
3.Then LM Hash is being additionally encoded the same way as it had been done in the NT Hash
formation algorithm step 3.
B