LM hash

From Free net encyclopedia

LM hash or LAN Manager hash is one of the formats that Microsoft LAN Manager and Microsoft Windows uses to store Windows user passwords that are less than 15 characters in length. This type of hash was the only type of encryption used in Microsoft LAN Manager (hence the name) and early versions of Windows (up to Windows Me) and is still supported in recent versions for backward compatibility.

[edit]

Security Weaknesses

Although it is based on a reasonably secure hash function (DES, derived from the block cipher DES), the LM hash can easily be cracked because of two weaknesses in the way it is implemented. First, passwords longer than 7 characters are divided into two pieces and each piece is hashed separately. Second, all lower case letters in the password are changed to upper case before the password is hashed. As a result, even if there are <math>2^{84}</math> different passwords made of up to 14 mixed case letters and numbers, there are only <math>2^{36}</math> different LM hashes of 1-7 character password pieces. This is what is known as a "collision," where a single hash algorithm (in our case it is LM) given two totally separate blocks of data to cipher, will come out with the exact same hash value. Here are the steps of the LM hash (courtesy of sourceforge.net [1]):

1. The user's password (as an OEM string) is converted to uppercase.
2. This password is either null-padded or truncated to 14 bytes.
3. This "fixed" password is split into two 7-byte halves.
4. These values are used to create two DES keys (one from each 7-byte half).
5. Each of these keys is used to DES-encrypt the constant ASCII string "KGS!@#$%" (resulting in 
two 8-byte ciphertext values).
6. These two ciphertext values are concatenated to form a 16-byte value - the LM hash.

Modern desktop machines can crack alphanumeric LM hashes in hours with a brute force attack or in a few seconds using a "time-memory trade-off" cryptanalysis attack.

In 2003, an implementation of the time-memory trade-off technique called Ophcrack was published. It specifically targeted the weaknesses of LM encryption, and the included the pre-computed data necessary to crack virtually all alphanumeric LM hashes. Many cracking tools like RainbowCrack, L0phtCrack and Cain, now incorporate a similar time-memory trade-off attack and make cracking of LM hashes trivial, at least for alphanumeric passwords.

Because of the security weaknesses inherent in LM encryption, Microsoft introduced the NTLM algorithm. While LAN Manager is considered obsolete and current Windows operating systems use the stronger NTLM hashing method, by default all Windows systems still compute and store the LAN Manager hash for compatibility with LAN Manager and Windows Me or earlier clients. It is considered good security practice to disable this feature if it isn't needed. See [2]. Microsoft claims that support for LM will be completely eliminated in the new Windows Vista operating system.

[edit]