Windows 10 使用什么哈希算法来存储密码?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/33814568/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
What hashing algorithm does Windows 10 use to store passwords?
提问by James Vickery
I have recently been taught about hashing in A-Level Computing and wondered if I could write a program to hash passwords using the same algorithm as Windows 10.
我最近在 A-Level Computing 中学习了散列,并想知道我是否可以编写一个程序来使用与 Windows 10 相同的算法来散列密码。
The reason I want to use the same algorithm as used to store passwords in Windows 10 is because I would like to compare the hashed value I generate to the value stored by Windows.
我想使用与用于在 Windows 10 中存储密码相同的算法的原因是因为我想将生成的散列值与 Windows 存储的值进行比较。
What hashing algorithm does Windows 10 use to store passwords?
Windows 10 使用什么哈希算法来存储密码?
采纳答案by TessellatingHeckler
The NT hash is simply a hash. The password is hashed by using the MD4 algorithm and stored.
NT 散列只是一个散列。密码使用 MD4 算法散列并存储。
NTLM [..] uses RC4 for encryption. Deriving a key from a password is as specified in RFC1320and [FIPS46-2].
NTLM [..] 使用 RC4 进行加密。从密码派生密钥如RFC1320和 [FIPS46-2] 中所述。
This appears to still be the case in Windows 10, although it's now stored completely differently (in an isolated virtual machine for protecting passwords).
这在 Windows 10 中似乎仍然如此,尽管它现在的存储方式完全不同(在隔离的虚拟机中用于保护密码)。
This reasoningalso backs up the idea that the hash algorithm won't have changed, but it's not a certainty.
这种推理也支持哈希算法不会改变的想法,但这并不确定。
NB. that this applies to a standalone computer. If the computer is joined to an Active Directory domain, the domain controllers use an AES based system for password hashing.
注意。这适用于独立的计算机。如果计算机加入 Active Directory 域,域控制器将使用基于 AES 的系统进行密码散列。
