[Samba] How does SMB 3.0 encryption work?

daniel at benoy.name daniel at benoy.name
Tue Aug 15 00:26:35 UTC 2017

It does, thanks.

So if the password is known, or the KDC compromised, then in principle 
MITM becomes possible?

On 2017-08-14 15:28, Andrew Bartlett wrote:
> On Mon, 2017-08-14 at 06:45 -0400, Daniel Benoy via samba wrote:
>> Is it perhaps using your password somehow? Like, if an attacker knew the
>> password that the client is using to connect, would it then be able to
>> MITM and watch all the writes and reads that client performs, but since
>> an attacker is unlikely to know your password already, then they're
>> unable to know the initial symmetric cipher that each side is
>> expecting... or something like that?
> This is essentially correct, for NTLM.
> For Kerberos, it is the shared secret between the KDC and the file
> server, and then the password between you and the KDC.
> I'm drastically simplifying and in both cases, session keys are not
> directly the password, but things encrypted with the password and
> exchanged.
> It isn't public key based.
> I hope this helps,
> Andrew Bartlett
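
The following is an added example, not part of the thread or of Samba's code. It sketches why "it isn't public key based" matters: in the SMB 3.0 dialect both ends derive the AES-CCM traffic keys from the authentication session key alone, using the counter-mode HMAC-SHA256 KDF and labels given in MS-SMB2, so confidentiality rests entirely on that shared secret. The session key values are constructed samples; in a real session the key comes out of the NTLM or Kerberos exchange.

```python
import hashlib
import hmac
import struct

# Label and contexts for SMB 3.0 encryption keys, as given in MS-SMB2
# (not stated in the thread). Each includes its terminating NUL.
LABEL_ENCRYPTION = b"SMB2AESCCM\x00"
CTX_CLIENT_TO_SERVER = b"ServerIn \x00"
CTX_SERVER_TO_CLIENT = b"ServerOut\x00"


def smb3_kdf(session_key: bytes, label: bytes, context: bytes,
             bits: int = 128) -> bytes:
    """SP 800-108 counter-mode KDF with HMAC-SHA256.

    A single iteration (counter = 1) yields 256 bits, which covers the
    128-bit AES key that SMB 3.0 needs.
    """
    fixed_input = (struct.pack(">I", 1) + label + b"\x00" +
                   context + struct.pack(">I", bits))
    digest = hmac.new(session_key, fixed_input, hashlib.sha256).digest()
    return digest[: bits // 8]


def traffic_keys(session_key: bytes) -> dict:
    """Derive both directional AES-128-CCM keys from one session key."""
    return {
        "client_to_server": smb3_kdf(session_key, LABEL_ENCRYPTION,
                                     CTX_CLIENT_TO_SERVER),
        "server_to_client": smb3_kdf(session_key, LABEL_ENCRYPTION,
                                     CTX_SERVER_TO_CLIENT),
    }


# Constructed 16-byte session keys (placeholders, not from any capture).
SAMPLE_SESSION_KEY = bytes(range(16))
OTHER_SESSION_KEY = bytes(range(1, 17))

if __name__ == "__main__":
    client_view = traffic_keys(SAMPLE_SESSION_KEY)
    server_view = traffic_keys(SAMPLE_SESSION_KEY)
    # Both ends compute the same keys with no further key exchange.
    print("keys match:", client_view == server_view)
    for direction, key in client_view.items():
        print(direction, key.hex())
```

Nothing in the derivation is random or per-party, so protecting the password, the file server's Kerberos key, and the KDC is what protects the encrypted session.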
