Hacker News new | past | comments | ask | show | jobs | submit login

Out of curiosity, why did they do this? Was hashing super computationally expensive when NTLM first appeared (NT 3.51 I think?)





I wonder if it’s for export control. 7 chars x 8 bits = 56 bits. This used to be the limit for max size of symmetric keys by the US.

The "split into 7s" thing is from LM, which goes back to the OS/2 days... and it uses DES, which operates with 56-bit keys: 7 8-bit characters. Old DES-based crypt() has a similar limit: 8 7-bit characters.

NT hashes use MD4, which wasn't invented until 1990.


I believe LM also stored the passwords in uppercase as well. The NTLM password was used, but LM was also saved for compatibility (by default) with older Windows machines.

L0pth Crack utilized this when cracking, it first found the uppercase password, then it only had to brute force the case when cracking NTLM.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: