trying to correctly handle account passwords via ldap

[Andrew Bartlett]

On Mon, 2006-03-27 at 18:45 -0800, Jeremy Allison wrote:
> On Tue, Mar 28, 2006 at 12:42:40PM +1000, Andrew Bartlett wrote:
> > On Tue, 2006-03-28 at 11:46 +1000, Luke Howard wrote:
> > > >You mean they are stored with the old format but wrapped into something
> > > >else when queried through DRS ?
> > > 
> > > DRS uses application-level encryption of secret attributes in addition to
> > > the session encryption provided by the GSS-API. Nonetheless this encryption
> > > is session-specific and is in addition to the OWF obfuscation.
> > 
> > And remains on my list of crypto challenges to tackle. :-)
> 
> I think Luke was giving you a hint by the url he posted :-).

Yes, it is much easier to handle the application-level encryption when
you know the exact form of the data below it.  Now I can easily form a
password, and compute what the RID-encrypted form will be, I will have
an easier job (and most importantly, a success condition).

I'll take all the hints I can get.  My current guess is that a/the
session key is mixed (MD5?) with a 16 byte nonce that appears to be
prefixed/suffixed to the value, and then used to RC4 encrypt the data
(it seems to be a stream cipher).  

Interestingly, the session key should be 'SystemLibraryDTC' if the
pattern on LSA and SAMR over TCP is followed.  But perhaps they get a
'real' key in there somewhere.  

(This is all below the GSSAPI layer, which bulk encrypts the whole
stream).

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20060328/a7be3bc3/attachment.bin