Optimized attacking for NTLM authentication

From: Hidenobu Seki (seki@atc.yamatake.co.jp)
Date: Wed May 05 2004 - 20:27:54 EDT

('binary' encoding is not supported, stored as-is) For your information:

In October 2003, SecurityFriday developed a system for analyzing the new NTLM authentication that Windows XP SP1 and 2000 SP4 use by default, in real time (within a couple of seconds.).

The system configuration is as follows:
OS: Windows XP
CPU: Pentium 4 - 1.6GHz
Memory: 128MB
Hard disk space for precomputation: 1,632GB
The number of passwords to be analyzed: Approximately 630 billion
The technology used for this system is based on "Optimized Attack" described in the document below:

Cryptanalysis of Microsoft's Point-to-PointTunneling Protocol (PPTP)
http://www.schneier.com/paper-pptp.pdf

Thank you.

urity at SecurityFriday.com

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:53 EDT