Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The client MUST derive the CEK in the following manner:
A 16-byte encryption key is derived using the PBKDF2 algorithm with HMAC SHA-512, the NT-hash of the users existing password, a random 16-byte Salt, and an Iteration count.
The Iteration Count MUST be between 5000 and 1,000,000 inclusive.
CEK :: = (PBKDF2(NT HASH of “OldPassword”, Salt, Iteration Count, 16))