Is there any advantage to splitting a password?

The LM hash is computed as follows:


  1. The user’s ASCII password is converted to uppercase.
  2. This password is null-padded to 14 bytes.
  3. The 14-byte password is split into two 7-byte halves.
  4. These values are used to create two DES keys, one from each 7-byte half.
  5. Each of the two keys is used to DES-encrypt the constant ASCII string "KGS!@#$%", resulting in two 8-byte cipher-text values.
  6. These two cipher-text values are concatenated to form a 16-byte value, which is the LM hash.

There are a lot of security weaknesses outlined in the linked Wikipedia article and talked about elsewhere, but I'm particularly interested in steps 3 through 6. I'm curious about what led to this design. Is there any real security advantage to splitting a password, encrypting the two halves separately, then combining the two halves to form one hash again? Or is this just an example of "security through obscurity"?

find more : lm hash generator

Comments

  1. UnknownMarch 6, 2020 at 12:44 PM

    If you're attempting to lose kilograms then you need to start using this brand new tailor-made keto meal plan diet.

    To create this service, licensed nutritionists, fitness couches, and top chefs united to provide keto meal plans that are powerful, decent, price-efficient, and delicious.

    Since their launch in early 2019, hundreds of clients have already transformed their body and well-being with the benefits a great keto meal plan diet can provide.

    Speaking of benefits; clicking this link, you'll discover 8 scientifically-certified ones provided by the keto meal plan diet.

    ReplyDelete

Post a Comment

Popular posts from this blog

Everything you need to know about LAN authentication

Most people are familiar with PPP - Point-to-Point Protocol. PPP is most commonly used for dial-up Internet access. PPP is also used by some ISPs for DSL and cable modem authentication, in the form of PPP over Ethernet. PPP is part of Layer 2 Tunneling Protocol, a core part of Microsoft's secure remote access solution for Windows 2000 and beyond. What is PPP PPP evolved beyond its original use as a dial-up access method and is now used all over the Internet. One piece of PPP defines an authentication mechanism. With dial-up Internet access, that's the username and password you're used to using. PPP authentication is used to identify the user at the other end of the PPP line before giving them access. What is EAP? Most enterprises want to do more for security than simply employing usernames and passwords for access, so a new authentication protocol, called the Extensible Authentication Protocol (EAP), was designed. EAP sits inside of PPP's authentication protocol ...
Read more

Everything You Need to Know About 5G

  The latest CES 2019 set some trends for the future of technology and one of the most anticipated is the arrival of 5G Internet in the market. With the promise of being extremely fast and with double capacity for information transmission, the technology comes to revolutionize communication between everything connected to the internet. After the event, some innovation gurus say that from 2020 onwards we will live the “Data Age”, in which any electronic device will be able to analyze data that will be received via sensors or cloud. The big advantage of the 5G will be its simultaneous connection capability as the current 4G can handle a maximum of 10,000 gadgets within 1 km 2 . The arrival of 5G guarantees a range of 1 million devices within this same radius. And just as importantly, 5G will also bring data transfer capacity of up to 20gb, while 4G supports up to 10gb. And do you know where 5G technology will take immediate action? Obviously in smart cars, which are the future of tra...
Read more

Network Security: LAN manager authentication level

In windows server 2008, if we go to Network Security: LAN manager authentication level(gpedit.msc -> Computer Configuration -> WindowsSettings -> SecuritySettings LocalPolicies -> securityoptions ) and right click on it, we cannot change the value of the authentication level. It is greyed out. To change this we need to go to following registry entry.. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\LmCompatibilityLevel and set the value. LmCompatibilityLevel should be 0 for Send LM & NTLM responses 1 for Send LM & NLTM - use NTLMv2 session security if negotiated 2 for Send NTLM response only 3 for Send NTLMv2 response only 4 for Send NTLMv2 response only\refuse LM 5 for Send NTLMv2 response only\refuse LM & NTLM know more :  lan manager authentication level
Read more