
Padme: AD uses salts in its protocol, right?


In Kerberos, the answer is effectively no. To generate the NT hash, the password is hashed using a single round of MD4. This is what is used to encrypt (and sign) tickets.

The attack is, guess a password, hash it, and attempt to decrypt.

With AES Kerberos keys there is a salt... but not a good one. It is just the domain (realm) and the username.



