A bit more NTLMSSP signing stuff

eric.glass at comcast.net eric.glass at comcast.net
Fri Aug 15 12:18:41 GMT 2003

Some slight revisions to my previous post, regarding the Lan Manager Key
signing; I also figured out Lan Manager Key Exchange signing.

    Lan Manager Key (40-bit)
        Used when the "Negotiate Lan Manager Key" NTLM flag is negotiated,
        and "Negotiate 56" is *not* set.
        A 128-bit "master key" is created:
            LMResp(lmHash[0-7] + '0xbdbdbdbdbdbdbdbd', lmResponse[0-7])[0-15]
        That is, the first 8 bytes of the LM response are DES-encrypted using
        three keys derived from the first 8 bytes of the LM hash padded with
        '0xbdbdbdbdbdbdbdbd'.  The first 16 bytes of the 24-byte result are
        used as the master key.
        The 40-bit key is the first 5 bytes of the master key, padded with the
        3-byte constant '0xe538b0'; this is used as the signing key.

    Lan Manager Key 56-bit
        Same as 40-bit, but instead of 5 bytes padded with '0xe538b0', it is
        7 bytes padded with the single byte '0xa0'.  This is used when both
        "Negotiate Lan Manager Key" and "Negotiate 56" are set.

    Lan Manager Key w/Key Exchange
        This is used when "Negotiate Lan Manager Key" and
        "Negotiate Key Exchange" are set.  The Type 3 session key is used
        to mutate the signing key as follows:
        The Type 3 session key is RC4-encrypted using the 128-bit "master key"
        calculated previously;  the resulting 16-byte value is cut and
        padded as before to form a 40-bit or 56-bit key (depending on
        whether "Negotiate 56" is set).  So 40-bit is:

            RC4(masterKey, sessionKey)[0-4] + '0xe538b0'

        and 56-bit is:

            RC4(masterKey, sessionKey)[0-6] + '0xa0'


More information about the samba-technical mailing list