Re: Where can I find NTLMSSP Spec? from Andrew Bartlett on 2002-05-16 (squid-dev)

From: Andrew Bartlett <abartlet@dont-contact.us>
Date: Thu, 16 May 2002 16:21:48 +1000

Andrew Bartlett wrote:
>
> Yee Man Chan wrote:

> > Hi Andrew,
> >
> > Looks like you are the NTLM expert here. :) So if I
> > have a password called "iamaboyuareagirl" and I got a
> > 8-byte challenge, then the LM response will use
> >
> > ("IAMABOY" + 1 NULL byte) as key to DES encrypt
> > challenge to calculate 1st 8-byte signature
> > ("UAREAGI" + 1 NULL byte) as key to DES encrypt
> > challenge to calculate 2nd 8-byte signature
> > ("RL" + 6 NULL bytes) as key to DES encrypt challenge
> > to calculate 3rd 8-byte signature
>
> There is no 3rd 8-byte signitire. LM hash is 14 bytes long.

That should read 'LM hash is 16 bytes long'.

-- 
Andrew Bartlett                                 abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet@samba.org
Student Network Administrator, Hawker College   abartlet@hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

Received on Thu May 16 2002 - 00:22:10 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:15:27 MST