1.1 Glossary

The following terms are defined in [MS-GLOS]:

Active Directory
code page
domain controller (DC)
domain name (3)
fully qualified domain name (FQDN) (1) (2)
Message Authentication Code (MAC)
original equipment manufacturer (OEM) character set
remote procedure call (RPC)
Security Support Provider Interface (SSPI)
session key

The following terms are specific to this document:

AV pair: A term for "attribute/value pair". An attribute/value pair is the name of some attribute, along with its value. AV pairs in NTLM have a structure specifying the encoding of the information stored in them.

challenge: A piece of data used to authenticate a user. A challenge typically takes the form of a nonce.

connection-oriented NTLM: A particular variant of NTLM designed to be used with connection-oriented remote procedure call (RPC).

cyclic redundancy check (CRC): An algorithm used to produce a checksum (that is, a small, fixed number of bits) against a block of data, such as a packet of network traffic or a block of a computer file. The CRC is used to detect errors after transmission or storage. A CRC is designed to catch stochastic errors, as opposed to intentional errors. If errors might be introduced by a motivated and intelligent adversary, a cryptographic hash function should be used instead.
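The distinction drawn in the CRC definition above, shown as an added example (not part of the specification): a CRC is unkeyed, so anyone who can change the data can also recompute a matching checksum, whereas a MAC built on a cryptographic hash needs a key the sender and receiver share. The message bytes, the key, and the two modification scenarios are constructed for the illustration.

```python
import hashlib
import hmac
import os
import zlib


def crc_tag(data: bytes) -> bytes:
    """Unkeyed 32-bit CRC over the data (detects accidental corruption)."""
    return zlib.crc32(data).to_bytes(4, "big")


def crc_verify(data: bytes, tag: bytes) -> bool:
    return crc_tag(data) == tag


def mac_tag(key: bytes, data: bytes) -> bytes:
    """Keyed HMAC-SHA256 over the data (detects deliberate modification)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def mac_verify(key: bytes, data: bytes, tag: bytes) -> bool:
    # Constant-time comparison so verification time does not leak the tag.
    return hmac.compare_digest(mac_tag(key, data), tag)


def integrity_scenarios() -> dict:
    """Run two constructed scenarios and report whether each check still passes.

    'noise'        : one bit flipped in transit, tag left untouched.
    'intentional'  : the payload is rewritten and the sender's tag is replaced by
                     a freshly computed one, using only what is visible on the wire
                     (the data and the CRC; the MAC key is not available).
    """
    key = os.urandom(32)                         # shared secret, constructed here
    original = b"record=42;status=ok"            # constructed sample message
    crc = crc_tag(original)
    mac = mac_tag(key, original)

    # Scenario 1: stochastic error, a single flipped bit, tags unchanged.
    noisy = bytearray(original)
    noisy[3] ^= 0x01
    noisy = bytes(noisy)

    # Scenario 2: the message is changed and the unkeyed checksum is recomputed.
    rewritten = b"record=42;status=failed"
    recomputed_crc = crc_tag(rewritten)

    return {
        "noise_crc_passes": crc_verify(noisy, crc),
        "noise_mac_passes": mac_verify(key, noisy, mac),
        "intentional_crc_passes": crc_verify(rewritten, recomputed_crc),
        # The original MAC no longer matches and no new one can be made without the key.
        "intentional_mac_passes": mac_verify(key, rewritten, mac),
    }


if __name__ == "__main__":
    for name, passed in integrity_scenarios().items():
        print(f"{name}: {passed}")
```

Both checks catch the flipped bit; only the keyed MAC catches the rewritten message, which is exactly why NTLM session security uses a MAC derived from the session key rather than a bare CRC.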

FILETIME: The date and time as a 64-bit value in little-endian order representing the number of 100-nanosecond intervals elapsed since January 1, 1601 (UTC).
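An added example (not from the specification) of decoding and encoding the FILETIME layout defined above: eight bytes, little-endian, counting 100-nanosecond intervals from 1601-01-01 UTC. The epoch offset constant and the sample values are derived from that definition; the function names are this example's own.

```python
import struct
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
# 100-ns intervals between 1601-01-01 and 1970-01-01 UTC:
# 134774 days * 86400 s * 10^7 intervals/s.
EPOCH_DIFF_100NS = 11_644_473_600 * 10_000_000


def filetime_to_ticks(raw: bytes) -> int:
    """Decode the 8-byte little-endian FILETIME into its 100-ns tick count."""
    if len(raw) != 8:
        raise ValueError("FILETIME must be exactly 8 bytes")
    (ticks,) = struct.unpack("<Q", raw)
    return ticks


def filetime_to_unix_ns(raw: bytes) -> int:
    """Exact conversion to nanoseconds since the Unix epoch (no precision loss)."""
    return (filetime_to_ticks(raw) - EPOCH_DIFF_100NS) * 100


def filetime_to_datetime(raw: bytes) -> datetime:
    """Convert to an aware UTC datetime.

    Python datetimes carry microseconds only, so the remaining 100-ns digit is
    dropped; use filetime_to_unix_ns() when the full resolution matters.
    """
    ticks = filetime_to_ticks(raw)
    return FILETIME_EPOCH + timedelta(microseconds=ticks // 10)


def datetime_to_filetime(dt: datetime) -> bytes:
    """Encode an aware datetime as an 8-byte little-endian FILETIME."""
    if dt.tzinfo is None:
        raise ValueError("datetime must be timezone-aware")
    delta = dt - FILETIME_EPOCH
    ticks = (delta.days * 86400 + delta.seconds) * 10_000_000 + delta.microseconds * 10
    if not 0 <= ticks < 2**64:
        raise ValueError("datetime outside the FILETIME range")
    return struct.pack("<Q", ticks)


if __name__ == "__main__":
    # Constructed sample: the Unix epoch expressed as a FILETIME.
    raw = struct.pack("<Q", EPOCH_DIFF_100NS)
    print(raw.hex())                         # 00803ed5deb19d01
    print(filetime_to_datetime(raw))         # 1970-01-01 00:00:00+00:00
    print(filetime_to_unix_ns(raw))          # 0
```

Two points the definition implies but a careless reader misses: the field is unsigned, so it cannot express dates before 1601, and the byte order is fixed little-endian regardless of host order, hence the explicit `<Q` format rather than a native unpack.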

forest tree name: A forest tree name is the first domain name in a Microsoft Active Directory forest when the forest was created.

identify level token: A security token resulting from authentication that represents the authenticated user but does not allow the service holding the token to impersonate that user to other resources.

key exchange key: The key used to protect the session key that is generated by the client. The key exchange key is derived from the response key during authentication.

LMOWF(): A one-way function used to generate a key based on the user's password.

LMOWF: The result generated by the LMOWF() function.

NTOWF(): A one-way function (similar to the LMOWF function) used to generate a key based on the user's password.

NTOWF: The result generated by the NTOWF() function.

response key: A key generated by a one-way function from the name of the user, the name of the user's domain, and the password. The function depends on which version of NTLM is being used. The response key is used to derive the key exchange key.

sequence number: In the NTLM protocol, a sequence number can be explicitly provided by the application protocol, or generated by NTLM. If generated by NTLM, the sequence number is the count of each message sent, starting with 0.

session security: The provision of message integrity and/or confidentiality through use of a session key.

MAY, SHOULD, MUST, SHOULD NOT, MUST NOT: These terms (in all caps) are used as described in [RFC2119]. All statements of optional behavior use either MAY, SHOULD, or SHOULD NOT.

© 2014 Microsoft