SYSKEY
<cryptography, operating system, security> A utility that encrpyts the
hashed password information in a SAM database using a 128-bit encryption key.
SYSKEY was an optional feature added in Windows NT 4.0 SP3. It was meant to
protect against offline password cracking attacks so that the SAM database would
still be secure even if someone had a copy of it. However, in December 1999, a
security team from BindView found a security hole in SYSKEY which
indicates that a certain form of cryptoanalytic attack is possible offline. A
brute-force attack then appeared to be possible.
Microsoft later collaborated with BindView to issue a fix (dubbed the 'Syskey
Bug') which appears to have been settled and SYSKEY pronounced secure enough to
resist brute-force attack.
According to Todd Sabin of the BindView team RAZOR, the pre-RC3 versions of
Windows 2000 were also affected.
BindView Security Advisory.
BindView press release.
Microsoft bulletin.
(2000-07-16)
Nearby terms:
sysape « Sysdeco Mimer AB « sys-frog « SYSKEY
» SYSLISP » sysop » Sysplex
|