On Thu, 18 Jun 2009, Dan Gahlinger wrote:
> Try out 0phcrack and L0phtcrack, and get back to me.
> otherwise, you don't really know what you're talking about.
> all your talk of entropy and changing passwords on a schedule
> is bile.
Be careful, Dan.
There is a subtle, but significant difference between somebody not knowing
what they are talking about V talking about a different subject.
Please don't be offended by the following oversimplifications:
Ophcrack cracks WINDOZE passwords. In order to do so, it takes advantage
of the fact that it is almost trivial to find and read the "encrypted"
hashed storage in Windoze. ophcrack reads the hashed storage of the
password from Windoze, and then can generate a password that will hash to
that and work.
In theory, a hash function is "one way", meaning that there is no possible
way to compute the source string from the stored destination value.
That, of course, is wrong.
In theory, theory and practice are the same.
In practice, theory and practice are quite different.
If somebody is familiar with what algorithm is used, there is always the
possibility that they might figure out a way to reverse the function.
If you figure out a better way to factor large numbers into their prime
factors, send a credible description to the personnel department at the
NSA, and they will send a black helicopter to pick you up. Actually, you
don't even need to contact them, just talk about it on a phone line or
email that passes between Washington and Baltimore.
If you have access to the hashed value, which is what ophcrack needs, then
it IS possible to generate a string that will hash to the right value.
Whether that is FEASIBLE, or worth the effort, depends on whether the
algorithm is well known, OR how much entropy there is in the storage.
For example, AND BRINGING THIS BACK ON TOPIC, the passwords used by
TRS-DOS are hashed and stored as a 16 bit value. We can see the hash, but
not the original string of characters. OK, let's try AAAAAAAA and see
what the hash value comes out to be. In the unlikely event (2^-16) that
that hash was the one that we were looking for, then we now know that
AAAAAAAA will work as the password, even if that was NOT the original one!
Then try AAAAAAAB. Write down your results in a flat file with fields in
each record of "string tried", and "hash value". Although we are
iterating the "string tried" for each new one, sort the file in sequence
by "hash value". Eventually, that brute force technique will yield a
string that will match the hash that we are looking for. But, even though
THIS project is completed, keep going. Eventually, probably after a lot
more than 65536 iterations, you will have a list of 65536 different
strings, and can look up a string that will work for any hash value you
need, even though there are gazillions of possible passwords. That one
was easy, because Randy Cook only stored 16 bits of entropy.
Even if we don't have access to the stored hash value, that 16 bit entropy
means that we never have to try more than 65536 different "test"
passwords.
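The flat-file-of-hashes procedure above, worked through as an added example (this is not code from the post, from TRS-DOS, or from Randy Cook). The hash function is a constructed stand-in, SHA-256 truncated to 16 bits, because the post does not describe the real TRS-DOS algorithm; the only property that matters here is that the stored value has 16 bits, so the table can never need more than 65536 entries. The candidate order AAAAAAAA, AAAAAAAB, ... and the cap of 300,000 tries are assumptions for the demonstration.

```python
"""Added example: why a 16-bit stored hash falls to a precomputed lookup table.

The hash below is a CONSTRUCTED stand-in (SHA-256 truncated to 16 bits); it is
not the TRS-DOS algorithm, which the post does not describe. The lesson is the
size of the output space, not the internals of the function.
"""
from __future__ import annotations

import hashlib
import itertools
import string

HASH_BITS = 16
HASH_SPACE = 1 << HASH_BITS  # 65536 distinct stored values, whatever the password


def toy_hash16(password: str) -> int:
    """Constructed 16-bit hash: the first two bytes of SHA-256, as an integer."""
    digest = hashlib.sha256(password.encode("ascii")).digest()
    return int.from_bytes(digest[:2], "big")


def candidate_strings(length: int = 8, alphabet: str = string.ascii_uppercase):
    """Yield AAAAAAAA, AAAAAAAB, AAAAAAAC, ... in the order the post describes."""
    for chars in itertools.product(alphabet, repeat=length):
        yield "".join(chars)


def build_lookup_table(max_candidates: int) -> dict[int, str]:
    """Record (hash value -> first string seen that produces it).

    This is the post's flat file of "string tried" / "hash value" records,
    keyed by hash value so the lookup is direct. The table can never hold
    more than HASH_SPACE entries, however many candidates are tried.
    """
    table: dict[int, str] = {}
    for candidate in itertools.islice(candidate_strings(), max_candidates):
        h = toy_hash16(candidate)
        table.setdefault(h, candidate)  # keep the first preimage found
        if len(table) == HASH_SPACE:
            break  # every possible stored value now has a known preimage
    return table


def password_for_hash(table: dict[int, str], stored_hash: int):
    """Return some string that hashes to stored_hash, or None if not yet tabled.

    The string returned need not be the original password; it merely
    produces the same stored value, which is all the check ever compares.
    """
    return table.get(stored_hash)


def max_test_passwords(table: dict[int, str]) -> int:
    """Even without reading the stored hash, at most this many distinct
    guesses are ever needed: one per reachable hash value, never more
    than HASH_SPACE."""
    return len(table)


if __name__ == "__main__":
    table = build_lookup_table(300_000)
    print(f"tabled {len(table)} of {HASH_SPACE} possible hash values")
    original = "SECRET"  # constructed password, not among the 8-letter candidates
    stored = toy_hash16(original)
    found = password_for_hash(table, stored)
    print(f"stored hash {stored:#06x} -> {found!r} (original was {original!r})")
    if found is not None:
        assert toy_hash16(found) == stored
```

With 300,000 candidates the table is expected to cover roughly 99% of the 65536 values; the remaining gaps close as more candidates are tried, and once the table is full every stored value has a known working string, exactly as the post describes. Raising the stored-hash width (say to 128 bits) is what makes the same table infeasible, which is the entropy point the post is making.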
Ophcrack uses tables of precomputed hashes created with knowledge of the
algorithm that was used, and taking advantage of the fact that MICROS~1
didn't even hash the entire password. Instead, any password longer than 7
characters is broken up into 7 character chunks, and each of those is
hashed separately. That makes it possible to "unhash" one piece at a
time. Remember WOPR? That means that a 14 character password is only
twice as much work to crack as a 7 character one, instead of squaring the
amount of work!
None of that applies if we can't get access to the stored hash, although
knowledge of the algorithm used might reveal some potential shortcuts.
In the case of the Thinkpad that is being discussed, IBM claims that it is
"uncrackable". However, Wizard jpero at sympatico.ca sent a URL to
instructions for SOME Thinkpads for trivial hardware to be able to read
the UNENCRYPTED password straight from the memory of the "security" chip:
http://sodoityourself.com/hacking-ibm-thinkpad-bios-password/
So, the entropy of the password system IS how much work it is going to
take, UNLESS you have access to bypass parts of the system, as Ophcrack
has with Windoze.
--
Grumpy Ol' Fred cisin at xenosoft.com