Strong Password Substitution (USRSSBPWD).
This method generates a password substitute to send to the target
Substitution algorithm works as follow:
PW_TOKEN = SHA-1(PW, ID)
The password (PW) and user name (ID) can be of any length greater
than or equal to 1 byte.
The client generates a 20-byte password substitute (PW_SUB) as follows:
PW_SUB = SHA-1(PW_TOKEN, RDr, RDs, ID, PWSEQs)
w/ (RDs) as the random client seed and (RDr) as the server one.
See PWDSSB - Strong Password Substitution Security Mechanism
(DRDA Vol.3 - P.650)