Select all of the following that are weaknesses of LM?

Windows LAN Manager (LM) hashes are known to be weak. Select all of the following that are weaknesses of LM?

Windows LAN Manager (LM) hashes are known to be weak. Select all of the following that are weaknesses of LM?

A.
Hashes are sent in clear over the network

B.
Effective length is 7 characters

C.
Makes use of only 32-bit encryption

D.
Converts password to uppercase

Explanation:
The LM hash is computed as follows. 1. The user’s password as an OEM string is converted to uppercase. 2. This password is either null-padded or truncated to 14 bytes. 3. The “fixed-length” password is split into two 7-byte halves. 4. These values are used to create two DES keys, one from each 7-byte half. 5. Each of these keys is used to DES-encrypt the constant ASCII string ” KGS!@#$% “, resulting in two 8-byte ciphertext values. 6. These two ciphertext values are concatenated to form a 16-byte value, which is the LM hash. The hashes them self are sent in clear text over the network instead of sending the password in clear text.



Leave a Reply 1

Your email address will not be published. Required fields are marked *