Network Authentication Processes
Some network authentication algorithms use the password hash as an encryption key. Instead of sending password credentials across the network, challenge/response-type algorithms such as NTLM use the hash to encrypt the nonce, or challenge. The challenge is a string sent by the domain controller (DC) to the client. The client generates and returns a response by encrypting the challenge using a cryptographic hash of the password entered by the user. Because the DC knows the challenge and the user's password hash is stored in its account database, the DC can create its own response. If its response matches the client's, then the user is authenticated.
Various authentication algorithms are used to provide authenticated ...
Get Windows Server 2003 Security: A Technical Reference now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
