2.2.1.1.4 NT_OWF_PASSWORD

The NT_OWF_PASSWORD structure SHOULD<7> define a one-way function (OWF) of a domain password. The NT_OWF_PASSWORD structure SHOULD be encrypted, as specified by each method that uses this structure. When this structure is encrypted, Netlogon methods uses the DES encryption algorithm in ECB mode, as specified in [MS-SAMR] section 2.2.11.1.1 Encrypting an NT Hash or LM Hash Value with a specified key. The session key is the specified 16-byte key used to derive its keys using the 16-byte value process, as specified in [MS-SAMR] section 2.2.11.1.4. For specific encryption information, see the individual methods, such as NetrServerTrustPasswordsGet (section 3.5.4.4.9) and NetrServerGetTrustInfo (section 3.5.4.7.6).

 typedef struct _NT_OWF_PASSWORD {
   CYPHER_BLOCK data[2];
 } NT_OWF_PASSWORD,
  *PNT_OWF_PASSWORD,
  ENCRYPTED_NT_OWF_PASSWORD,
  *PENCRYPTED_NT_OWF_PASSWORD;

data: An array of CYPHER_BLOCK structures (section 2.2.1.1.1) that contains the NTOWFv1 of a password. NTOWFv1 is specified in NTLM v1 Authentication in [MS-NLMP] section 3.3.1.