From: Mike <Michael.Johnson@mejl.com>
To: sameer <sameer@c2.net>
Message Hash: 268b5a54613cb8ed6e1eb5bff0a2625e28b38a056db6551cde04fa387f76c665
Message ID: <3.0.3.32.19970804085944.0091fd80@localhost>
Reply To: <3.0.3.32.19970801101506.0092b420@localhost>
UTC Datetime: 1997-08-04 07:12:21 UTC
Raw Date: Mon, 4 Aug 1997 15:12:21 +0800
From: Mike <Michael.Johnson@mejl.com>
Date: Mon, 4 Aug 1997 15:12:21 +0800
To: sameer <sameer@c2.net>
Subject: Re: Microsoft RAS encryption?
In-Reply-To: <3.0.3.32.19970801101506.0092b420@localhost>
Message-ID: <3.0.3.32.19970804085944.0091fd80@localhost>
MIME-Version: 1.0
Content-Type: text/plain
sameer wrote:
> See www.l0pht.com
>> Does anybody know how Microsoft RAS implements data encryption? Apparently
>> (http://www.microsoft.com/kb/articles/q136/6/34.htm) they use RC4, but is
>> this stuff documented somewhere, like in an RFC?
What I can find at www.l0pht.com only deals with password authentication.
I'm more interested in the RC4 data encryption that Microsoft RAS servers
and clients are using. That is, once a PPP session is established and
MSCHAP is used to authenticate the session, the secret from MSCHAP is
reused as two RC4 keys with 40 or 128 bit keys (US or International
versions). But I can't find any documents on exactly how this works.
Mike.
Return to August 1997
Return to “sameer <sameer@c2.net>”