[cifs-protocol] salt used for various principal types

Andrew Bartlett abartlet at samba.org
Mon Sep 21 13:47:08 MDT 2009

I can't find any reference in either MS-ADTS or MS-KILE regarding the
salt used for for the different types of principals in the kerberos
protocol.  (A salt is used as a confounded in string2key operations in

I know there are different salt calculations for users and computers,
and presumably again for interdomain trust accounts. See:

I asked about this in respect to domain trusts in August 2008, and
received an informative reply, but I can't find the algorithm for
user/machine accounts written down.  


Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20090921/ae970da4/attachment.pgp>

More information about the cifs-protocol mailing list