Integrated Windows Authentication
Integrated Windows Authentication (IWA), formerly known as ...

The protocol uses a challenge-response sequence requiring the
transmission of three messages between the client (wishing to
authenticate) and the server (requesting authentication):
1. The client first sends a Type 1 message containing a set of
flags of features supported or requested (such as encryption key sizes,
request for mutual authentication, etc.) to the server.
2. The server responds with a Type 2 message containing a similar set
of flags supported or required by the server (thus enabling an
agreement on the authentication parameters between the server and the
client) and, more importantly, a random challenge (8 bytes).
3. Finally, the client uses the challenge obtained from the Type 2
message and the user's credentials to calculate the response. The
calculation methods differ based on the NTLM authentication parameters
negotiated previously, but in general they apply MD4/MD5 hashing
algorithms and DES encryption to compute the response. The client then
sends the response to the server in a Type 3 message.
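The first two messages of the exchange above, at the byte level, as an added example that is not part of the original post: it builds a Type 1 and a Type 2 message following the MS-NLMP layout (signature, message type, NegotiateFlags, 8-byte ServerChallenge), wraps and unwraps them as they travel in IWA's `WWW-Authenticate` / `Authorization: NTLM <base64>` HTTP headers, computes the parameters actually in force after step 2 (the bits both sides set), and reports which outcomes a defender auditing captured traffic would want flagged. The target name and challenge are constructed sample values, the flag table is a subset of MS-NLMP 2.2.2.5, and the Type 3 response computation (MD4/DES) is deliberately not implemented here.

```python
import base64
import struct

SIGNATURE = b"NTLMSSP\x00"
NEGOTIATE, CHALLENGE, AUTHENTICATE = 1, 2, 3

# Subset of NegotiateFlags (MS-NLMP 2.2.2.5), bit -> name
FLAGS = {
    0x00000001: "NEGOTIATE_UNICODE",
    0x00000004: "REQUEST_TARGET",
    0x00000010: "NEGOTIATE_SIGN",
    0x00000020: "NEGOTIATE_SEAL",
    0x00000200: "NEGOTIATE_NTLM",
    0x00008000: "NEGOTIATE_ALWAYS_SIGN",
    0x00020000: "TARGET_TYPE_SERVER",
    0x00080000: "NEGOTIATE_EXTENDED_SESSIONSECURITY",
    0x00800000: "NEGOTIATE_TARGET_INFO",
    0x20000000: "NEGOTIATE_128",
    0x80000000: "NEGOTIATE_56",
}
F = {name: bit for bit, name in FLAGS.items()}  # name -> bit


def flag_names(flags):
    return sorted(name for bit, name in FLAGS.items() if flags & bit)


def _field(data, offset):
    """(Len, MaxLen, BufferOffset) descriptor pointing at data in the payload."""
    return struct.pack("<HHI", len(data), len(data), offset)


def build_type1(flags):
    """Type 1 (NEGOTIATE): the client's offered flags, empty name fields, no Version block."""
    header_len = 32  # signature, type, flags, DomainNameFields, WorkstationFields
    msg = SIGNATURE + struct.pack("<II", NEGOTIATE, flags)
    return msg + _field(b"", header_len) + _field(b"", header_len)


def build_type2(flags, target_name, challenge):
    """Type 2 (CHALLENGE): the server's flags plus the 8-byte random challenge."""
    if len(challenge) != 8:
        raise ValueError("server challenge must be 8 bytes")
    header_len = 48  # through TargetInfoFields; no Version block
    target = target_name.encode("utf-16-le")
    msg = SIGNATURE + struct.pack("<I", CHALLENGE) + _field(target, header_len)
    msg += struct.pack("<I", flags) + challenge + b"\x00" * 8  # flags, challenge, Reserved
    msg += _field(b"", header_len + len(target))  # empty TargetInfo
    return msg + target


def to_header(msg):
    """HTTP header value carrying the message (WWW-Authenticate or Authorization)."""
    return "NTLM " + base64.b64encode(msg).decode("ascii")


def from_header(value):
    scheme, _, token = value.strip().partition(" ")
    if scheme.upper() != "NTLM":
        raise ValueError("not an NTLM header value")
    return base64.b64decode(token)


def parse(msg):
    """Decode type and flags; for Type 2 also the challenge and target name."""
    if msg[:8] != SIGNATURE:
        raise ValueError("not an NTLMSSP message")
    (mtype,) = struct.unpack_from("<I", msg, 8)
    info = {"type": mtype}
    if mtype == NEGOTIATE:
        (info["flags"],) = struct.unpack_from("<I", msg, 12)
    elif mtype == CHALLENGE:
        tlen, _, toff = struct.unpack_from("<HHI", msg, 12)
        (info["flags"],) = struct.unpack_from("<I", msg, 20)
        info["challenge"] = msg[24:32]
        info["target"] = msg[toff:toff + tlen].decode("utf-16-le")
    elif mtype == AUTHENTICATE:
        (info["flags"],) = struct.unpack_from("<I", msg, 60)  # after six field descriptors
    else:
        raise ValueError(f"unknown NTLMSSP message type {mtype}")
    info["flag_names"] = flag_names(info["flags"])
    return info


def negotiated(type1, type2):
    """Parameters in force after step 2: only bits both sides set survive."""
    return parse(type1)["flags"] & parse(type2)["flags"]


def weaknesses(flags):
    """Negotiation outcomes worth flagging when auditing captured IWA traffic."""
    issues = []
    if not flags & F["NEGOTIATE_EXTENDED_SESSIONSECURITY"]:
        issues.append("extended session security not negotiated")
    if not flags & (F["NEGOTIATE_SIGN"] | F["NEGOTIATE_SEAL"]):
        issues.append("neither signing nor sealing negotiated")
    if not flags & F["NEGOTIATE_128"]:
        issues.append("128-bit session key not negotiated")
    return issues


if __name__ == "__main__":
    # Constructed sample: a cautious client meets a minimally configured server.
    client = (F["NEGOTIATE_UNICODE"] | F["REQUEST_TARGET"] | F["NEGOTIATE_NTLM"] | F["NEGOTIATE_SIGN"]
              | F["NEGOTIATE_SEAL"] | F["NEGOTIATE_EXTENDED_SESSIONSECURITY"] | F["NEGOTIATE_128"] | F["NEGOTIATE_56"])
    server = (F["NEGOTIATE_UNICODE"] | F["NEGOTIATE_NTLM"] | F["TARGET_TYPE_SERVER"]
              | F["NEGOTIATE_TARGET_INFO"] | F["NEGOTIATE_128"] | F["NEGOTIATE_56"])
    t1, t2 = build_type1(client), build_type2(server, "SRV01", bytes(range(8)))  # fixed sample challenge
    print(parse(from_header(to_header(t2))))
    print(weaknesses(negotiated(t1, t2)))
```

The intersection in `negotiated` is the point of the "agreement on the authentication parameters" in step 2: a strong client offer is only as good as what the server is willing to accept, which is why the audit runs on the ANDed flags rather than on either message alone.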