Microsoft weak encryption

Andy Brown a.brown at nexor.co.uk
Thu Nov 30 03:55:02 PST 1995


Joel McNamara wrote:

> Peter Gutmann has an interesting article in sci.crypt, demonstrating how
> weak Microsoft's encryption is with basic access control in Windows for
> Workgroups (I'm assuming Win95 uses the same algorithm).  Essentially, he
> shows how a 32-bit key is created to be passed to RC4 for encrypting .PWL
> files.  I think a t-shirt is definitely in order for this.

Further information on the method used by Windows NT (a challenge-response
mechanism) can be found on the MSDN CD, or on the MS ftp site:
PSS ID Number: Q102716.  I'll mail the article to anyone that wants to see
it (~11k).


- Andy






More information about the cypherpunks-legacy mailing list