Wireshark-bugs: [Wireshark-bugs] [Bug 10777] New: Description for `smb.encryption_key` is probab
Bug ID |
10777
|
Summary |
Description for `smb.encryption_key` is probably inaccurate.
|
Product |
Wireshark
|
Version |
1.12.2
|
Hardware |
x86-64
|
OS |
Windows 8.1
|
Status |
UNCONFIRMED
|
Severity |
Normal
|
Priority |
Low
|
Component |
Dissection engine (libwireshark)
|
Assignee |
bugzilla-admin@wireshark.org
|
Reporter |
taopy@qq.com
|
Created attachment 13324 [details]
an SMB session
Build Information:
Version 1.12.2 (v1.12.2-0-g898fa22 from master-1.12)
--
Protocol: SMB
Packet: Negotiate Protocol Response
In the response packet, SMB Server will return a **nonce** if
Challenge/Response Authentication is enabled. The **nonce** corresponds to the
field named **Encryption Key** in Wireshark.
**Encryption Key** will mislead users to regard this as **a key for cipher
algorithms**. However, this nonce is been used as the **plain text** input of
DES or HMAC-MD5 than the **key** input in NTLMv1/2. [1]
So I suggest changing the field name from **Encryption Key** to **Challenge
Nonce** or other appropriate words.
Thanks for reading.
Reference:
[1]:http://en.wikipedia.org/wiki/NT_LAN_Manager#NTLMv1
You are receiving this mail because:
- You are watching all bug changes.