diff --git a/libfreerdp-core/connection.c b/libfreerdp-core/connection.c
index a57149022..ee0648b6a 100644
--- a/libfreerdp-core/connection.c
+++ b/libfreerdp-core/connection.c
@@ -125,7 +125,7 @@ static boolean rdp_establish_keys(rdpRdp* rdp)
 	/* encrypt client random */
 	memset(crypt_client_random, 0, sizeof(crypt_client_random));
 	memset(client_random, 0x5e, 32);
-	//crypto_nonce(client_random, 32);
+	crypto_nonce(client_random, 32);
 	printf("client random\n");
 	freerdp_hexdump(client_random, 32);
 	key_len = rdp->settings->server_cert->cert_info.modulus.length;
@@ -166,6 +166,12 @@ static boolean rdp_establish_keys(rdpRdp* rdp)
 	rdp->rc4_decrypt_key = crypto_rc4_init(rdp->settings->decrypt_key, rdp->settings->rc4_key_len);
 	rdp->rc4_encrypt_key = crypto_rc4_init(rdp->settings->encrypt_key, rdp->settings->rc4_key_len);
 
+	printf("key_len %d\n", rdp->settings->rc4_key_len);
+	printf("decrypt_key\n");
+	freerdp_hexdump(rdp->settings->decrypt_key, rdp->settings->rc4_key_len);
+	printf("encrypt_key\n");
+	freerdp_hexdump(rdp->settings->encrypt_key, rdp->settings->rc4_key_len);
+
 	rdp->do_crypt = True;
 
 	return True;
diff --git a/libfreerdp-core/crypto.h b/libfreerdp-core/crypto.h
index 5a8746790..de227b0de 100644
--- a/libfreerdp-core/crypto.h
+++ b/libfreerdp-core/crypto.h
@@ -40,7 +40,7 @@
 #endif
 
 #define EXPONENT_MAX_SIZE			4
-#define MODULUS_MAX_SIZE			64
+#define MODULUS_MAX_SIZE			256
 
 #include <freerdp/freerdp.h>
 #include <freerdp/utils/blob.h>
diff --git a/libfreerdp-core/gcc.c b/libfreerdp-core/gcc.c
index 86f7b37f5..1afb4f830 100644
--- a/libfreerdp-core/gcc.c
+++ b/libfreerdp-core/gcc.c
@@ -798,6 +798,7 @@ boolean gcc_read_server_security_data(STREAM* s, rdpSettings *settings)
 		freerdp_blob_alloc(&settings->server_random, serverRandomLen);
 		memcpy(settings->server_random.data, s->p, serverRandomLen);
 		stream_seek(s, serverRandomLen);
+		freerdp_hexdump(settings->server_random.data, settings->server_random.length);
 	}
 	else
 	{
diff --git a/libfreerdp-core/security.c b/libfreerdp-core/security.c
index cc370fc0e..803067993 100644
--- a/libfreerdp-core/security.c
+++ b/libfreerdp-core/security.c
@@ -85,10 +85,10 @@ static void security_master_hash(char* input, int length, uint8* master_secret,
 
 void security_session_key_blob(uint8* master_secret, uint8* client_random, uint8* server_random, uint8* output)
 {
-	/* MasterHash = MasterHash('X') + MasterHash('YY') + MasterHash('ZZZ') */
-	security_master_hash("X", 1, master_secret, client_random, server_random, &output[0]);
-	security_master_hash("YY", 2, master_secret, client_random, server_random, &output[16]);
-	security_master_hash("ZZZ", 3, master_secret, client_random, server_random, &output[32]);
+	/* MasterHash = MasterHash('A') + MasterHash('BB') + MasterHash('CCC') */
+	security_master_hash("A", 1, master_secret, client_random, server_random, &output[0]);
+	security_master_hash("BB", 2, master_secret, client_random, server_random, &output[16]);
+	security_master_hash("CCC", 3, master_secret, client_random, server_random, &output[32]);
 }
 
 void security_mac_salt_key(uint8* session_key_blob, uint8* client_random, uint8* server_random, uint8* output)
@@ -177,6 +177,20 @@ void security_mac_signature(uint8* mac_key, int mac_key_length, uint8* data, uin
 	memcpy(output, md5_digest, 8);
 }
 
+static void security_A(uint8* master_secret, uint8* client_random, uint8* server_random, uint8* output)
+{
+	security_premaster_hash("A", 1, master_secret, client_random, server_random, &output[0]);
+	security_premaster_hash("BB", 2, master_secret, client_random, server_random, &output[16]);
+	security_premaster_hash("CCC", 3, master_secret, client_random, server_random, &output[32]);
+}
+
+static void security_X(uint8* master_secret, uint8* client_random, uint8* server_random, uint8* output)
+{
+	security_premaster_hash("X", 1, master_secret, client_random, server_random, &output[0]);
+	security_premaster_hash("YY", 2, master_secret, client_random, server_random, &output[16]);
+	security_premaster_hash("ZZZ", 3, master_secret, client_random, server_random, &output[32]);
+}
+
 boolean security_establish_keys(uint8* client_random, rdpSettings* settings)
 {
 	uint8 pre_master_secret[48];
@@ -189,11 +203,14 @@ boolean security_establish_keys(uint8* client_random, rdpSettings* settings)
 
 	server_random = settings->server_random.data;
 
+	freerdp_hexdump(client_random, 32);
+	freerdp_hexdump(server_random, 32);
+
 	memcpy(pre_master_secret, client_random, 24);
 	memcpy(pre_master_secret + 24, server_random, 24);
 
-	security_master_secret(pre_master_secret, client_random, server_random, master_secret);
-	security_session_key_blob(master_secret, client_random, server_random, session_key_blob);
+	security_A(pre_master_secret, client_random, server_random, master_secret);
+	security_X(master_secret, client_random, server_random, session_key_blob);
 
 	memcpy(settings->sign_key, session_key_blob, 16);