Reply to post: DES

Father of Unix Ken Thompson checkmated: Old eight-char password is finally cracked

Joe Montana


On a unix system yes, the algorithm would have been DEScrypt.. Many years ago someone built an FPGA setup which could brute force any DES password in a few hours.

DES passwords also had a maximum length of 8 characters, so it simply wasnt possible to have a longer password.

Modern unix systems would use crypt-md5, crypt-sha512 or bcrypt which are much stronger than DES and support much longer passwords.

On the other hand, even the latest versions of windows still use NTLM which is based on MD4. They also use an AES based algorithm as well, but it's not possible to migrate entirely to a new algorithm like unix can because the hashing algorithms are an inherent part of network authentication protocols among other things - so the newer algorithm can largely just be ignored.

NTLM is not salted, although it does support longer passwords than DES, generally NTLM is even faster to crack than DES - especially if you're going after multiple hashes in parallel.

You can also in many cases pass the hash, which renders the encryption algorithm totally irrelevant anyway as the hash becomes an equivalent of plaintext.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2019