[Evolution] Re: encryption of MAPI

From: Luke Kenneth Casson Leighton <lkcl samba org>
To: James Sutherland <jas88 cam ac uk>
Cc: evolution helixcode com, evolution-hackers helixcode com, Multiple recipients of list <samba-technical samba org>
Subject: [Evolution] Re: encryption of MAPI
Date: Wed, 23 Aug 2000 13:49:01 +1000

On Tue, 22 Aug 2000, James Sutherland wrote:

On Tue, 22 Aug 2000, Luke Kenneth Casson Leighton wrote:

... is to XOR 0xa5 over the block :)


ROFL! MS certainly seem to like that "encryption" algorithm - API
obfuscation (some of the low-level API calls have the entry point address
XORed with a "magic number"), password encryption for WinCE (with
the string "Pegasus", reversed)... Did they have a hand in CSS? :-)

Just think how much harder life could be if MS actually found themselves a
competent crypto guy...


funnily enough, they do actually have one of the best crypto people
around.

... only recently did they actually start talking to him, though.

but seriously, the purpose of 10100101 is to make cleartext less readable.

for encryption, you use DCE/RPC's NTLMSSP, with sign and seal requested.

MAPI's job is not to encrypt, but to do mail.

NTLMSSP's job is to authenticate, sign and seal.

Follow-Ups:
- [Evolution] Re: encryption of MAPI
  - From: James Sutherland

References:
- [Evolution] Re: encryption of MAPI
  - From: James Sutherland

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]