GO to the azbil Global Site

The photo of a boy and his father who are looking at the screen of pc. Products Company Research In The Media Contact



Optimized attack for NTLM authentication

In October 2003, we developed a system for analyzing the new default NTLM authentication (NTLM2 Session Response) that Windows XP and 2000 SP3 or later use, in real time (within a couple of seconds).

The system configuration is as follows:

  • OS: Windows XP
  • CPU: Pentium 4 - 1.6GHz
  • Memory: 128MB
  • Hard disk space for precomputation: 1,632GB
  • The number of passwords to be analyzed:  Approximately 630 billion

The technology used for this system is based on optimized attack described in the document below:

Cryptanalysis of Microsoft's Point-to-PointTunneling Protocol (PPTP)

(Apr. 2004)

Presentation pdf:

Optimized Attack for NTLM2 Session Response



SecurityFriday TM

(C)Azbil SecurityFriday Co., Ltd. All rights reserved.