[1304] in cryptography@c2.net mail archive
Re: Microsoft RAS encryption?
daemon@ATHENA.MIT.EDU (Mike)
Mon Aug 4 08:31:15 1997
Date: Mon, 04 Aug 1997 08:59:44 +0200
To: sameer <sameer@c2.net>
From: Mike <Michael.Johnson@mejl.com>
Cc: cypherpunks@toad.com, cryptography@c2.net
In-Reply-To: <199708011755.KAA11466@gabber.c2.net>
sameer wrote:
> See www.l0pht.com
>> Does anybody know how Microsoft RAS implements data encryption? Apparently
>> (http://www.microsoft.com/kb/articles/q136/6/34.htm) they use RC4, but is
>> this stuff documented somewhere, like in an RFC?
What I can find at www.l0pht.com only deals with password authentication.
I'm more interested in the RC4 data encryption that Microsoft RAS servers
and clients are using. That is, once a PPP session is established and
MSCHAP is used to authenticate the session, the secret from MSCHAP is
reused as two RC4 keys with 40 or 128 bit keys (US or International
versions). But I can't find any documents on exactly how this works.
Mike.
