5.3.4 Client and Server Random Values
The client and server both generate a 32-byte random value using a cryptographically-safe pseudorandom number generator.
The server sends the random value that it generated (along with its public key embedded in a certificate) to the client in the Server Security Data (section 2.2.1.4.3) during the Basic Settings Exchange phase of the RDP Connection Sequence (section 1.3.1.1).
If RDP Standard Security mechanisms (section 5.3) are being used, the client sends its random value to the server (encrypted with the server's public key) in the Security Exchange PDU (section 2.2.1.10) as part of the RDP Security Commencement phase of the RDP Connection Sequence (section 1.3.1.1).
Figure 8: Client and server random value exchange
The two random values are used by the client and server to generate session keys to secure the connection.