[cifs-protocol] Session keys are not always 16 bytes long

Andrew Bartlett abartlet at samba.org
Wed Jul 23 05:58:12 GMT 2008

I'm looking for correction assistance regarding SMB session keys. 

Our tests show that the session keys, referred consistently in MS-SMB
and MS-SAMR as 16 byte quantities are not a simple as they are made out
to be.

For example, a Windows Vista SP1 client using GSSAPI with CFX will
negotiate an AES session key with Samba4.  This is 32 bytes long, and
all 32 bytes are required to satisfy the SMB signing between Vista SP1
and Samba4.  (despite MS-SMB 4.3 talking about a 16 bytes key).
Similarly, our tests have shown that for DES kerberos, an 8 byte key is

However, further in on the domain join, Samr password set operations are
made.  There similarly we have observed 8 bytes kerberos keys in the
past, but testing shows that for the 32 byte key from the Vista join,
the key must be truncated to 16 bytes.  (See MS-SAMR

Please correct the documentation to clearly specify when the
variable-length key is used (perhaps make it clear that it is usually,
but not always 16 bytes), and when a truncated key is used. 

Furthermore, please clarify the linkage between MS-SAMR, MS-SMB and
MS-KILE regarding session keys.  I can't find a clear reference as to
which of the numerous keys kerberos produces is considered the 'SMB
session key'.  Is it not possible to include section numbers in the
document cross-references?


Andrew Bartlett
Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080723/4a4882c7/attachment.bin

More information about the cifs-protocol mailing list