Some “brilliant” “engineer” at Microsoft got paid way too much money to invent this nonsense protocol below:
[ Video: https://www.youtube.com/watch?v=sIidzPntdCM by Moxie Marlinspike]
So here, I’ll propose a simpler version, based on better algorithms, for free! Let’s call it, I don’t know… MSCHAPv3, and here’s its RFC:
Client [username & password stored in brain]
Server [username & password stored in file_hash = username:pre_salt;sha256(pre_salt + password + post_salt);post_salt]
       [pre_salt = random_char(16) & post_salt = random_char(16)]

Client [client_nonce = random_byte(32)]
Client ---> client_nonce ---> Server
Server [server_nonce = random_byte(32)]
Client <--- server_nonce <--- Server
Client ---> user_hash ---> Server
Client <--- pre_salt + ";" + post_salt <--- Server
Client ---> chap_hash ---> Server
Server [chap_hash = sha256(client_nonce + file_hash + server_nonce) & auth_stat = (OK or NO)]
Client <--- auth_stat <--- Server
And here’s the Python/Pseudo Code:
import hashlib
import secrets  # random.getrandbits() is not a CSPRNG; secrets is the right source for nonces and salts

def sha256(s):
    return hashlib.sha256(s.encode()).hexdigest()

# Server-side record in the page's format: username:pre_salt;sha256(pre_salt + password + post_salt);post_salt
# The page's literal has its pre_salt field mangled by the site's e-mail obfuscation and never shows the
# password behind the hash, so the record is rebuilt here from placeholder values instead.
username, password = "jon", "placeholder-password"                   # placeholders, not values from the page
pre_salt, post_salt = secrets.token_hex(8), secrets.token_hex(8)     # random_char(16) each
file_hash = username + ":" + pre_salt + ";" + sha256(pre_salt + password + post_salt) + ";" + post_salt

client_nonce = secrets.token_hex(32) ; print("--->", client_nonce)   # random_byte(32)
server_nonce = secrets.token_hex(32) ; print("<---", server_nonce)
# user_hash lets the server find the record; this construction is assumed, the page's own line for it was lost in extraction
user_hash   = sha256(client_nonce + username + server_nonce)
user_verify = sha256(client_nonce + file_hash.split(":")[0] + server_nonce) ; print("", user_hash, "==", user_verify)
pre_salt  = file_hash.split(":")[1].split(";")[0]
post_salt = file_hash.split(":")[1].split(";")[2] ; print("<---", pre_salt + ";" + post_salt)
# the client rebuilds the server's record line from its password and the salts it just received
chap_hash   = sha256(client_nonce + username + ":" + pre_salt + ";" + sha256(pre_salt + password + post_salt) + ";" + post_salt + server_nonce)
chap_verify = sha256(client_nonce + file_hash + server_nonce) ; print("", chap_hash, "==", chap_verify)
auth_stat = (user_hash == user_verify) and (chap_hash == chap_verify) ; print("<---", auth_stat)
And here are the public parts of the CHAP:
('--->', '56694872300446231399629229069920062364535355653875029722468457353192460920651')
('', 'e755ddaebc858e9cf681c07f875f10af57b2d824c3b3733d89811b7471997d22', '==', 'e755ddaebc858e9cf681c07f875f10af57b2d824c3b3733d89811b7471997d22')
('', '6d1f2bf581e65227f7d8ec88f7fe85090642e66a9bd754e3ee8bc4e7c185c431', '==', '6d1f2bf581e65227f7d8ec88f7fe85090642e66a9bd754e3ee8bc4e7c185c431')
('<---', True)
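The same exchange modelled with the client and the server as separate parties, as an added example that is not part of the original post or its script. Two things are assumed rather than taken from the page: that user_hash = sha256(client_nonce + username + server_nonce) is how the server picks the right record line, and that wire values are hex strings; the names Server, Client, record_line, login_with_stolen_record and offline_guess are illustrative. The last two functions show two properties that follow directly from the definitions above rather than from any extra weakness: because chap_hash is sha256(client_nonce + file_hash + server_nonce), the stored line alone is enough to log in without the password, and because the salts and both nonces cross the wire and sha256 is fast, anyone who captures one exchange can test password guesses offline.

```python
import hashlib
import secrets


def h(s: str) -> str:
    return hashlib.sha256(s.encode()).hexdigest()


def record_line(username, password, pre_salt, post_salt):
    """The page's server-side format: username:pre_salt;sha256(pre_salt+password+post_salt);post_salt"""
    return f"{username}:{pre_salt};{h(pre_salt + password + post_salt)};{post_salt}"


def make_record(username, password):
    return record_line(username, password, secrets.token_hex(8), secrets.token_hex(8))  # random_char(16) x2


class Server:
    def __init__(self, records):
        self.records = records          # the stored file_hash lines
        self.client_nonce = self.server_nonce = self.record = None

    def recv_client_nonce(self, client_nonce):
        self.client_nonce, self.server_nonce = client_nonce, secrets.token_hex(32)  # random_byte(32)
        return self.server_nonce

    def recv_user_hash(self, user_hash):
        # Assumed lookup rule (not on the page): user_hash = sha256(client_nonce + username + server_nonce)
        for rec in self.records:
            if h(self.client_nonce + rec.split(":")[0] + self.server_nonce) == user_hash:
                self.record = rec
                pre_salt, _, post_salt = rec.split(":", 1)[1].split(";")
                return pre_salt + ";" + post_salt
        return None

    def recv_chap_hash(self, chap_hash):
        if self.record is None:
            return "NO"
        expected = h(self.client_nonce + self.record + self.server_nonce)
        return "OK" if secrets.compare_digest(expected, chap_hash) else "NO"


class Client:
    def __init__(self, username, password):
        self.username, self.password, self.transcript = username, password, {}

    def login(self, server):
        client_nonce = secrets.token_hex(32)
        server_nonce = server.recv_client_nonce(client_nonce)
        salts = server.recv_user_hash(h(client_nonce + self.username + server_nonce))
        if salts is None:
            return "NO"
        pre_salt, post_salt = salts.split(";")
        # the client rebuilds the server's record line from its password and the salts it was sent
        chap_hash = h(client_nonce + record_line(self.username, self.password, pre_salt, post_salt) + server_nonce)
        # everything an eavesdropper sees on the wire during this login
        self.transcript = dict(client_nonce=client_nonce, server_nonce=server_nonce, salts=salts, chap_hash=chap_hash)
        return server.recv_chap_hash(chap_hash)


def login_with_stolen_record(server, record):
    """chap_hash = sha256(client_nonce + file_hash + server_nonce), so the stored line alone logs in."""
    client_nonce = secrets.token_hex(32)
    server_nonce = server.recv_client_nonce(client_nonce)
    server.recv_user_hash(h(client_nonce + record.split(":")[0] + server_nonce))
    return server.recv_chap_hash(h(client_nonce + record + server_nonce))


def offline_guess(username, transcript, candidates):
    """Everything in chap_hash except the password crossed the wire, and sha256 is fast: guess offline."""
    pre_salt, post_salt = transcript["salts"].split(";")
    for pw in candidates:
        rec = record_line(username, pw, pre_salt, post_salt)
        if h(transcript["client_nonce"] + rec + transcript["server_nonce"]) == transcript["chap_hash"]:
            return pw
    return None


if __name__ == "__main__":
    rec = make_record("jon", "correct horse")                      # constructed sample credential
    jon = Client("jon", "correct horse")
    print(jon.login(Server([rec])))                                 # OK
    print(Client("jon", "wrong").login(Server([rec])))             # NO
    print(login_with_stolen_record(Server([rec]), rec))            # OK, no password needed
    print(offline_guess("jon", jon.transcript, ["hunter2", "correct horse"]))  # correct horse
```

A fresh Server is used per login because the object holds one session's nonces; compare_digest on the server side is the one detail the page's version lacks that does not change the protocol.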
HAHAHA I AM TOTALLY SMART AND I REALLY UNDERSTAND YOUR CRYPTO ENGINEER JOKE REALLY I DO
*weeps*