Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 10777] New: Description for `smb.encryption_key` is probably inaccurate.

Wireshark-bugs: [Wireshark-bugs] [Bug 10777] New: Description for `smb.encryption_key` is probab

Date: Mon, 15 Dec 2014 14:11:22 +0000

Bug ID	10777
Summary	Description for `smb.encryption_key` is probably inaccurate.
Product	Wireshark
Version	1.12.2
Hardware	x86-64
OS	Windows 8.1
Status	UNCONFIRMED
Severity	Normal
Priority	Low
Component	Dissection engine (libwireshark)
Assignee	[email protected]
Reporter	[email protected]

Created attachment 13324 [details]
an SMB session

Build Information:
Version 1.12.2 (v1.12.2-0-g898fa22 from master-1.12)
--
Protocol: SMB
Packet: Negotiate Protocol Response

In the response packet, SMB Server will return a **nonce** if
Challenge/Response Authentication is enabled. The **nonce** corresponds to the
field named **Encryption Key** in Wireshark.

**Encryption Key** will mislead users to regard this as **a key for cipher
algorithms**. However, this nonce is been used as the **plain text** input of
DES or HMAC-MD5 than the **key** input in NTLMv1/2. [1]

So I suggest changing the field name from **Encryption Key** to **Challenge
Nonce** or other appropriate words.

Thanks for reading.

Reference:
[1]:http://en.wikipedia.org/wiki/NT_LAN_Manager#NTLMv1

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 10777] Description for `smb.encryption_key` is probably inaccurate.
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 9332] WebSocket dissector: empty payload causes DISSECTOR_ASSERT_NOT_REACHED
Next by Date: [Wireshark-bugs] [Bug 9332] WebSocket dissector: empty payload causes DISSECTOR_ASSERT_NOT_REACHED
Previous by thread: [Wireshark-bugs] [Bug 9332] WebSocket dissector: empty payload causes DISSECTOR_ASSERT_NOT_REACHED
Next by thread: [Wireshark-bugs] [Bug 10777] Description for `smb.encryption_key` is probably inaccurate.
Index(es):
- Date
- Thread