What stupid linkbait. Cracking LM-hashed passwords is about as interesting as .1 + .2 != .3 in ieee754. Can we at least change the headline to something like "Newsflash: SSDs faster than spinning platters"?
The rainbow tables are an implementation of a form of time-memory tradeoff attack using a refined hash reduction algorithm based on the work of Martin Hellman (of Diffie-Hellman fame) - <a href="http://en.wikipedia.org/wiki/Rainbow_table" rel="nofollow">http://en.wikipedia.org/wiki/Rainbow_table</a><p>Basically Ophcrack uses optimised hash chains to speed things up. The precomputed hashes are generated with a specific character set. This works particularly well for unsalted algorithms that support limited character sets such as LM. LM splits the password into two on the 7 character boundary, capitalises it and only supports a subset of printable characters. Also it's unsalted, so while more computationally expensive than NTLM it's actually easier to crack. Rainbow tables for LM can be downloaded from freerainbowtables.net and are about 30-40Gb.<p>NTLM on the other hand supports unicode and very long password lengths. Most rainbow tables are mixalpha, or alphanumeric but short length. Our mixalphanum with symbols rainbow table set goes up to 14 characters and is about just under a terabyte. This is more difficult to put on SSDs cheaply.<p>Your best bet to protecting from rainbow tables is to use a character not referenced in commonly available sets in your password as you inevitably otherwise reach the limits of security vs usability with exceptionally long characters. As I use british keyboards, I generally recommend the £ symbol (British pound) or accent over a vowel. The Euro symbol is also good if you're staying in Europe.
With a separate salt for each password the rainbow table becomes useless.<p>If an attacker has both the salt and the hash, they are back to computing the table (brute force)
If they're really just using 80GB on the SSD (as the linked-to article suggests), why not just use a server with 128GB of RAM and avoid writing to disk altogether?
I believe it's not accidental that all passwords that they crack in the demo are 14 characters or less, that can mean that they attack the hashes which are always possible to crack, the speedup they claim is 100 (they simply increased tables from 8 GB to 80 GB and put them on SSD) but e.g. 1000 seconds before was also very fast for somebody who just needed to gain access to one target.
I call bullshit.<p>Let's say we want to have a rainbow table for all passwords 14 characters long.<p>Let's say we only work with upper and lowercase English characters (26+26) and digits (10), so 62 possible characters.<p>To just store all the possible passwords would take 14 * 62^14 bytes = 1.617 × 10^17 gigabytes.
Considering that most password are shorter than 14 characters, everyone implementing hashed passwords without a random salt could just store them as plain text. The rainbow table for the most common passwords (names, cities, pet names etc.) would fit in less than 1GB and would probably yield a very high success rate. There's no need to use complex passwords to prove that hashes without proper salting are bound to fail.
People, NTLM hashes have been dead for years. Stop using them.<p><a href="http://support.microsoft.com/kb/299656" rel="nofollow">http://support.microsoft.com/kb/299656</a>
The details are interesting (although completely obvious), but the article is really stupid, as it assumes everyone uses unsalted passwords and MD5 to create hashes. Duh.
This submission and frankly most of the comments on this HN thread are disturbing. There is a severe lack of understanding of NTLM and the purpose of even hashing, let alone salting, a password... strange.