3.3.1 NTLM v1 Authentication

The following pseudocode defines the details of the algorithms used to calculate the keys used in NTLM v1 authentication.

Note The LM and NTLM authentication versions are not negotiated by the protocol. It MUST be configured on both the client and the server prior to authentication. The NTOWF v1 function defined in this section is NTLM version-dependent and is used only by NTLM v1. The LMOWF v1 function defined in this section is also version-dependent and is used only by LM and NTLM v1.

The NT and LM response keys MUST be encoded using the following specific one-way functions where all strings are encoded as RPC_UNICODE_STRING ([MS-DTYP] section 2.3.10).

Explanation of message fields and variables:

ClientChallenge: The 8-byte challenge message generated by the client.

LmChallengeResponse: The LM response to the server challenge.  This field is computed by the client.

NegFlg, User, UserDom: Defined in section 3.3.1.

NTChallengeResponse: The NT response to the server challenge. This field is computed by the client.

Passwd: Password of the user. If the password is longer than 14 characters, the LMOWF v1 cannot be computed.  For LMOWF v1, if the password is shorter than 14 characters, it is padded by appending zeroes.

ResponseKeyNT: Temporary variable to hold the results of calling NTOWF().

ResponseKeyLM: Temporary variable to hold the results of calling LMGETKEY.

CHALLENGE_MESSAGE.ServerChallenge: The 8-byte challenge message generated by the server.

 --
 -- Functions Used:
 --   Z(M)- Defined in section 6.
  
 Define NTOWFv1(Passwd, User, UserDom) as MD4(UNICODE(Passwd))
 EndDefine
  
 Define LMOWFv1(Passwd, User, UserDom) as
        ConcatenationOf( DES( UpperCase( Passwd)[0..6],"KGS!@#$%"),
                  DES( UpperCase( Passwd)[7..13],"KGS!@#$%")) 
 EndDefine
  
 Set ResponseKeyNT to NTOWFv1(Passwd, User, UserDom)
 Set ResponseKeyLM to LMOWFv1( Passwd, User, UserDom )
  
 Define ComputeResponse(NegFlg, ResponseKeyNT, ResponseKeyLM, 
 CHALLENGE_MESSAGE.ServerChallenge, ClientChallenge, Time, ServerName)
 As
 If (User is set to "" AND Passwd is set to "")
     -- Special case for anonymous authentication
     Set NtChallengeResponseLen to 0
     Set NtChallengeResponseMaxLen to 0
     Set NtChallengeResponseBufferOffset to 0
     Set LmChallengeResponse to Z(1)
 ElseIf
 If (NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY flag is set in NegFlg) 
         Set NtChallengeResponse to DESL(ResponseKeyNT, 
         MD5(ConcatenationOf(CHALLENGE_MESSAGE.ServerChallenge, 
         ClientChallenge))[0..7])
         Set LmChallengeResponse to ConcatenationOf{ClientChallenge, 
         Z(16)}
     Else 
         Set NtChallengeResponse to DESL(ResponseKeyNT, 
         CHALLENGE_MESSAGE.ServerChallenge)
         If (NoLMResponseNTLMv1 is TRUE)
             Set LmChallengeResponse to NtChallengeResponse
         Else 
             Set LmChallengeResponse to DESL(ResponseKeyLM, 
             CHALLENGE_MESSAGE.ServerChallenge)
         EndIf
     EndIf
 EndIf
  
 Set SessionBaseKey to MD4(NTOWF)
  

On the server, if the user account to be authenticated is hosted in Active Directory, the challenge-response pair MUST be sent to the DC to verify ([MS-APDS] section 3.1.5).

The DC calculates the expected value of the response using the NTOWF v1 and/or LMOWF v1 and matches it against the response provided. If the response values match, it MUST send back the SessionBaseKey. Otherwise, it MUST return an error to the calling application. The server MUST return an error to the calling application if the DC returns an error. If the DC returns STATUS_NTLM_BLOCKED, then the server MUST return STATUS_NOT_SUPPORTED ([MS-ERREF] section 2.3.1).

If the user account to be authenticated is hosted locally on the server, the server calculates the expected value of the response using the NTOWF v1 and/or LMOWF v1 stored locally, and matches it against the response provided. If the response values match, it MUST calculate KeyExchangeKey; otherwise, it MUST return an error to the calling application.<77>