Which of the following are known weaknesses of LM?

Windows LAN Manager (LM) hashes are known to be weak. Which of the following are known weaknesses of LM? (Choose three)

Windows LAN Manager (LM) hashes are known to be weak. Which of the following are known weaknesses of LM? (Choose three)

A.
Converts passwords to uppercase.

B.
Hashes are sent in clear text over the network.

C.
Makes use of only 32 bit encryption.

D.
Effective length is 7 characters.

Explanation:
The LM hash is computed as follows.1. The user’s password as an OEM string is converted to uppercase. 2. This password is either null-padded or truncated to 14 bytes. 3. The "fixed-length" password is split into two 7-byte halves. 4. These values are used to create two DES keys, one from each 7-byte half. 5. Each of these keys is used to DES-encrypt the constant ASCII string "KGS!@#$%", resulting in two 8-byte ciphertext values. 6. These two ciphertext values are concatenated to form a 16-byte value, which is the LM hash. The hashes them self are sent in clear text over the network instead of sending the password in clear text.



Leave a Reply 0

Your email address will not be published. Required fields are marked *