Message processing on the client takes place in the following two cases:

  • When the application initiates authentication and the client then sends a NEGOTIATE_MESSAGE (section

  • When the client receives a CHALLENGE_MESSAGE (section from the server and then sends back an AUTHENTICATE_MESSAGE (section

These two cases are specified in the following sections.

When encryption is desired, the stream cipher RC4 is used. The key for RC4 is established at the start of the session for an instance of RC4 dedicated to that session. RC4 then continues to generate key stream in order over all messages of the session, without rekeying.

The pseudocode RC4(handle, message) is defined as the bytes of the message XORed with bytes of the RC4 key stream, using the current state of the session's RC4 internal key state. When the session is torn down, the key structure is destroyed.

The pseudocode RC4K(key, message) is defined as a one-time instance of RC4 whose key is initialized to key, after which RC4 is applied to the message. On completion of this operation, the internal key state is destroyed.