CERT VU:36764
History: Nov 15, 2001 - 12:00 a.m.

Syskey reuses keystream

2001-11-15 00:00:00
www.kb.cert.org

CVSS2: 5 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS: 0.017 Low
Percentile: 87.8%

Overview

Versions of SYSKEY in use prior to December, 1999 leave the SAM database vulnerable to cryptanalytic attacks.

Description

SYSKEY is a utility introduced in Microsoft Windows NT 4.0 service pack 3 to provide strong cryptographic protection to the SAM (password) database. The protection SYSKEY provides is intended to prevent attacks against the SAM database even if an intruder can obtain a copy of the database. Although the passwords stored in the SAM database are encrypted, if an intruder can obtain a copy of the SAM database, he can attempt a dictionary attack to obtain the passwords. That is, an intruder can select words from a dictionary, encrypt (or hash) them in the same way the SAM database would, and compare the results to the encrypted values stored in the SAM. If the values match, the intruder has discovered the password. Thwarting a dictionary attack is one of the reasons that you should choose a password that is not listed in any dictionary of any language.

SYSKEY is designed to make dictionary and other types of attacks infeasible by encrypting the SAM database in a way that is impossible for the intruder to reproduce (thus making it impossible for the intruder to know if he has guessed the real password) without knowledge of a secret, known as the SystemKey.

A flaw in the way SYSKEY encrypts the SAM database renders the protection it offers ineffective, and thus enables a dictionary attack. It should be noted that an intruder would still need to obtain a copy of the SAM database to conduct a subsequent dictionary attack.

In cryptanalytic terms, SYSKEY reuses a portion of an RC4 keystream to encrypt the SAM database. For more information, see

<http://razor.bindview.com/publish/advisories/adv_WinNT_syskey.html>
<http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms99-056.asp>

This vulnerability was discovered by BindView’s RAZOR team and addressed by Microsoft in December, 1999.
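
The keystream-reuse condition described above, as an added example (not from the CERT/CC note, BindView or Microsoft): when two records are XORed with the same RC4 keystream, XORing the ciphertexts cancels the keystream and leaves a relation between the plaintexts that no longer depends on the secret key. The record contents, key values and per-record key derivation are constructed for illustration and do not reproduce SYSKEY's actual SAM layout or Microsoft's fix.

```python
import hashlib

def rc4(key: bytes, data: bytes) -> bytes:
    """Textbook RC4: key scheduling, then XOR data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_reused(key, records):
    """Weak: every record is encrypted from the start of the same keystream."""
    return [rc4(key, r) for r in records]

def encrypt_per_record(key, records):
    """Hardened (assumed scheme): distinct RC4 key per record via SHA-256(key || index)."""
    return [rc4(hashlib.sha256(key + i.to_bytes(4, "big")).digest(), r)
            for i, r in enumerate(records)]

def keystream_cancels(ciphertexts, records):
    """True if c0 XOR c1 == p0 XOR p1, i.e. the secret key has dropped out."""
    return xor(ciphertexts[0], ciphertexts[1]) == xor(records[0], records[1])

# Constructed sample data: two 16-byte stand-ins for stored password hashes.
RECORDS = [hashlib.sha256(b"record-one").digest()[:16],
           hashlib.sha256(b"record-two").digest()[:16]]
KEY_A = b"constructed-system-key-A"
KEY_B = b"constructed-system-key-B"

if __name__ == "__main__":
    for key in (KEY_A, KEY_B):
        print("reused keystream cancels:    ",
              keystream_cancels(encrypt_reused(key, RECORDS), RECORDS))
        print("per-record keystream cancels:",
              keystream_cancels(encrypt_per_record(key, RECORDS), RECORDS))
```

The relation holds for both constructed keys in the reused case, which is why the secret adds no protection there; with a distinct keystream per record it does not hold.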


Impact

Attackers can conduct dictionary attacks against the SAM database if they can obtain a copy of it.


Solution


Vendor Information


Microsoft: Affected

Updated: November 15, 2001

Status

Affected

Vendor Statement

See <http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms99-056.asp>

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

References

Acknowledgements

Our thanks to BindView’s RAZOR team and Microsoft for the information in their advisories.

This document was written by Shawn V Hernan.

Other Information

CVE IDs: CVE-1999-0994
Severity Metric: 3.00 Date Public:
