SMB 2 and SMB 3 security in Windows 10: the anatomy of signing and cryptographic keys

Signing has been an integral security feature of SMB2 since its inception; encryption was added in SMB3 as an important security enhancement. This article reviews the security evolution of the authenticated session as well as the computation of the keys used by the SMB 2.x through 3.1.1 dialects. It provides test vectors for key computation in SMB 3.0 and SMB…


SMB 3.1.1 Encryption in Windows 10

SMB 3 encryption provides confidentiality for every data packet and prevents an attacker from tampering with or eavesdropping on it. Encryption has been enhanced in SMB 3.1.1: the cipher is now negotiated during connection establishment. In addition to AES-128-CCM, kept for SMB 3.0.x compatibility, Windows 10 (and Windows Server 2016) added AES-128-GCM in SMB…


SMB 3.1.1 Pre-authentication integrity in Windows 10

Pre-authentication integrity is one of the new SMB 3.1.1 security improvements in Windows 10 and Windows Server 2016 TP2 (Technical Preview 2). It improves protection against a man-in-the-middle (MITM) attacker tampering with SMB2's connection-establishment and authentication messages. This feature supersedes the "secure dialect negotiation" introduced in SMB 3.0, which only protected against MITM…
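As an added worked example that is not code from the original posts, the following Python (standard library only) shows the key computation the "anatomy of signing and cryptographic keys" entry covers and the pre-authentication integrity chain this entry covers, and how the two meet in SMB 3.1.1: the SP800-108 counter-mode KDF with HMAC-SHA256 that MS-SMB2 specifies, the NUL-terminated label/context strings for the SMB 3.0.x dialects, the SHA-512 chain over the negotiate and session-setup messages seeded with 64 zero bytes, and the SMB 3.1.1 derivation that uses that chain's result as the KDF context. The session key and message bytes are constructed placeholders, not real captures, and 128-bit keys are assumed throughout (the AES-128 ciphers discussed on this page).

```python
import hashlib
import hmac
import struct

SHA512_ZERO = bytes(64)  # initial PreauthIntegrityHashValue in SMB 3.1.1


def kdf_sp800_108(key: bytes, label: bytes, context: bytes, bits: int = 128) -> bytes:
    """SP800-108 KDF, counter mode, PRF = HMAC-SHA256 (MS-SMB2 3.1.4.2).

    Each block is HMAC(key, [i]_4 || Label || 0x00 || Context || [L]_4) with
    32-bit big-endian i and L.  L (the requested key length in bits) is part
    of the input, so a 128-bit and a 256-bit derivation do not share a prefix.
    """
    out = b""
    i = 1
    while len(out) * 8 < bits:
        fixed = struct.pack(">I", i) + label + b"\x00" + context + struct.pack(">I", bits)
        out += hmac.new(key, fixed, hashlib.sha256).digest()
        i += 1
    return out[: bits // 8]


def smb30_keys(session_key: bytes, role: str = "client") -> dict:
    """Keys for the SMB 3.0 / 3.0.2 dialects.  Labels and contexts are the
    NUL-terminated strings from MS-SMB2; "ServerIn " keys client-to-server
    traffic, so the client's EncryptionKey is the server's DecryptionKey."""
    if role == "client":
        enc_ctx, dec_ctx = b"ServerIn \x00", b"ServerOut\x00"
    elif role == "server":
        enc_ctx, dec_ctx = b"ServerOut\x00", b"ServerIn \x00"
    else:
        raise ValueError("role must be 'client' or 'server'")
    return {
        "SigningKey": kdf_sp800_108(session_key, b"SMB2AESCMAC\x00", b"SmbSign\x00"),
        "ApplicationKey": kdf_sp800_108(session_key, b"SMB2APP\x00", b"SmbRpc\x00"),
        "EncryptionKey": kdf_sp800_108(session_key, b"SMB2AESCCM\x00", enc_ctx),
        "DecryptionKey": kdf_sp800_108(session_key, b"SMB2AESCCM\x00", dec_ctx),
    }


def preauth_hash_update(prev_hash: bytes, message: bytes) -> bytes:
    """One step of the SMB 3.1.1 pre-authentication integrity chain:
    H_n = SHA-512(H_{n-1} || message_n)."""
    return hashlib.sha512(prev_hash + message).digest()


def preauth_hash_chain(messages) -> bytes:
    """Chain the NEGOTIATE and SESSION_SETUP messages (requests and responses,
    except the final signed SESSION_SETUP response) starting from 64 zero bytes.
    Any byte a MITM changes in any of these messages changes the result."""
    h = SHA512_ZERO
    for m in messages:
        h = preauth_hash_update(h, m)
    return h


def smb311_keys(session_key: bytes, preauth_hash: bytes, role: str = "client") -> dict:
    """Keys for SMB 3.1.1: the KDF context is the pre-auth hash, so both peers
    derive matching keys only if they saw identical negotiation messages."""
    c2s = kdf_sp800_108(session_key, b"SMBC2SCipherKey\x00", preauth_hash)
    s2c = kdf_sp800_108(session_key, b"SMBS2CCipherKey\x00", preauth_hash)
    return {
        "SigningKey": kdf_sp800_108(session_key, b"SMBSigningKey\x00", preauth_hash),
        "ApplicationKey": kdf_sp800_108(session_key, b"SMBAppKey\x00", preauth_hash),
        "EncryptionKey": c2s if role == "client" else s2c,
        "DecryptionKey": s2c if role == "client" else c2s,
    }


# Constructed placeholder inputs (not real captures): a 16-byte session key and
# stand-ins for the negotiate / session-setup message bytes.
SESSION_KEY = bytes(range(16))
MESSAGES = [
    b"\xfeSMB negotiate request (constructed)",
    b"\xfeSMB negotiate response (constructed)",
    b"\xfeSMB session setup request (constructed)",
]


def demo() -> dict:
    """Derive both dialect families' keys from the constructed inputs."""
    h = preauth_hash_chain(MESSAGES)
    return {"smb30": smb30_keys(SESSION_KEY), "smb311": smb311_keys(SESSION_KEY, h)}


if __name__ == "__main__":
    for dialect, keys in demo().items():
        for name, k in keys.items():
            print(f"{dialect:6} {name:15} {k.hex()}")
```

The point worth checking in practice is the last assertion below: a single byte altered in any negotiation message gives the two peers different 3.1.1 signing keys, so the first signed SESSION_SETUP response fails verification and the connection is dropped, whereas in 3.0.x the context strings are constants and the KDF cannot detect such tampering.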


Extended DFS referral for SMB 3

This blog talks about the site-aware DFS referral introduced in Windows Server 2012. Extended DFS referrals provide remote client computers with optimal DFS referrals when those computers connect to the corporate network by using DirectAccess. This blog also describes how to configure a Windows 8 client to issue extended DFS referral requests for testing an SMB…


SMB 2.x and SMB 3.0 Timeouts in Windows

This blog talks about common timeouts for SMB dialects 2.x and 3.0 [MS-SMB2] in Windows. It also covers continuous availability timeout, witness keep alive [MS-SWN], and some SMB-Direct timers [MS-SMBD]. The behaviors are generally version-specific and therefore may change in future Windows releases or fixes. A previous blog discusses “CIFS and SMB Timeouts in Windows”:  …


CIFS and SMB Timeouts in Windows

This blog gives a consolidated overview of the most common SMB timeouts in Windows and their behaviors. Some of these legacy timeouts or timers are optional, implementation-specific, and neither defined nor required by the protocol specifications. Recall that MS-CIFS documents the protocol implemented in Windows NT and Windows 98, whereas MS-SMB describes the…


Encryption in SMB 3.0: A protocol perspective

Encryption is one of the new SMB 3.0 security enhancements in Windows Server 2012 RTM. It can be enabled on a per-share basis, or enforced for all shares on the server. SMB 3.0 uses AES-CCM [RFC5084] as its encryption algorithm; because AES-CCM is an authenticated-encryption mode, it also provides data integrity and takes the place of signing for encrypted messages. This blog takes a protocol walk on the topic through…


Password encryption in establishing a remote assistance session of type 1

This blog provides details on how the PassStub is used when establishing a remote assistance session of type 1. It presents the password encryption flow and illustrates it with Windows APIs and sample data. Remote assistance overview: Remote Assistance (RA) was introduced in Windows XP and enables one computer user to remotely help another…


Windows Configurations for Kerberos Supported Encryption Type

In one of my previous blogs (http://blogs.msdn.com/b/openspecification/archive/2010/11/17/encryption-type-selection-in-kerberos-exchanges.aspx), I talked about how the encryption types of the various encrypted parts of the Kerberos exchanges are selected. The selection of these encryption types depends on some Active Directory attributes and policy settings. It is important to understand how these settings are configured from the…


Implementing the Algorithm for Deriving Password and encrypting Connection String in MS-RAIOP

In Microsoft Open Protocol documents, many algorithms involve cryptographic operations in some particular way. Sometimes the protocol documents also provide specific protocol examples that include the initial input, the intermediate results, and the final result for each step of the algorithm. The correctness of those results is crucial for the…