[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Microsoft weak encryption
Joel McNamara wrote:
> Peter Gutmann has an interesting article in sci.crypt, demonstrating how
> weak Microsoft's encryption is with basic access control in Windows for
> Workgroups (I'm assuming Win95 uses the same algorithm). Essentially, he
> shows how a 32-bit key is created to be passed to RC4 for encrypting .PWL
> files. I think a t-shirt is definitely in order for this.
Further information on the method used by Windows NT (a challenge-response
mechanism) can be found on the MSDN CD, or on the MS ftp site:
PSS ID Number: Q102716. I'll mail the article to anyone that wants to see
it (~11k).
- Andy