encryption of MAPI

James Sutherland jas88 at cam.ac.uk
Wed Aug 23 09:38:49 GMT 2000

On Wed, 23 Aug 2000, Luke Kenneth Casson Leighton wrote:

> On Tue, 22 Aug 2000, James Sutherland wrote:
> > On Tue, 22 Aug 2000, Luke Kenneth Casson Leighton wrote:
> > 
> > > ... is to XOR 0xa5 over the block :)
> > 
> > ROFL! MS certainly seem to like that "encryption" algorithm - API
> > obfuscation (some of the low-level API calls have the entry point address
> > XORed with a "magic number"), password encryption for WinCE (with
> > the string "Pegasus", reversed)... Did they have a hand in CSS? :-)
> > 
> > Just think how much harder life could be if MS actually found themselves a
> > competent crypto guy...
> funnily enough, they do actually have one of the best crypto people
> around.
> ... only recently did they actually start talking to him, though.


> but seriously, the purpose of 10100101 is to make cleartext less readable.
> for encryption, you use DCE/RPC's NTLMSSP, with sign and seal requested.
> MAPI's job is not to encrypt, but to do mail.

OK, if this obfuscation isn't for security, what's it for? The usual, no
doubt - just make it more difficult for people to compete...

> NTLMSSP's job is to authenticate, sign and seal.

Bleurgh. Let's hope the final judgement from the Supreme Court (or the EU
case) prohibits MICROS~1 from obfuscating APIs, protocols etc...


More information about the samba-technical mailing list