Salted MAC Generation

The MAC value can be generated by salting the data to be hashed with the current encryption count. For example, assume that 42 packets have already been encrypted. When the next packet is encrypted the value 42 is added to the SHA component of the MAC signature. The addition of the encryption count can be expressed as follows.

 SHAComponent = SHA(MACKeyN + Pad1 + DataLength + Data + EncryptionCount)
 MACSignature = First64Bits(MD5(MACKeyN + Pad2 + SHAComponent))

EncryptionCount is the cumulative encryption count, indicating how many encryptions have been carried out. It is expressed as a little-endian 32-bit integer. The descriptions for DataLength, Data, and MacKeyN are the same as in section

The use of the salted MAC is dictated by capability flags in the General Capability Set (section, sent by both client and server during the Capability Exchange phase of the RDP Connection Sequence (section In addition, the presence of a salted MAC is indicated by the presence of the SEC_SECURE_CHECKSUM flag in the Security Header flags field (section 5.3.8).