[2851] in Kerberos


export question

daemon@ATHENA.MIT.EDU (Jim Miller)
Fri Oct 8 21:36:13 1993

From: jim@bilbo.suite.com (Jim Miller)
Date: Fri, 8 Oct 93 19:43:58 -0500
To: kerberos@MIT.EDU
Reply-To: Jim_Miller@suite.com


Full-featured Kerberos cannot be exported from the US because of ITAR
restrictions.  I believe that some companies are able to export Kerberos  
mutations because they removed the ability to encrypt arbitrary user data.  The  
mutant systems only use encryption for authentication purposes.

However, Kerberos version 5 allows a client to ask the Ticket-Granting-Server  
(TGS) to place client-specified "authorization data" into a ticket.  The  
authorization data gets encrypted along with the rest of the ticket.  This  
seems to me to be a way to send encrypted user data, even if the traditional  
mechanism (KRB_PRIV) has been removed.

What I'm leading up to is that it seems that it will be much more difficult to  
create a *useful* exportable mutation of Kerberos 5 than it was to create a  
useful exportable mutation of Kerberos 4.

To create a useful mutation of Kerberos 5 you will not only have to remove the  
KRB_PRIV message type, you will also have to remove the authorization data  
mechanism.  The loss of the Kerberos 5 authorization data mechanism is  
significant.

Fortunately, there's some room for hope.  A significant difference between  
KRB_PRIV and "authorization data in a ticket" is that the authorization data is  
first sent to the TGS in the clear, and only then gets encrypted. (I say "sent  
in the clear" because I'm assuming that we are dealing with a Kerberos mutation
that has no KRB_PRIV message type.)  The government types who worry about  
encrypted user data could theoretically capture the "authorization data" when  
it was initially sent from the client process to the TGS.  This *might* (big,  
huge, enormous might) satisfy the ITAR requirements:

USML XIII:  (i.e. US Munitions List)
Category XIII-Auxiliary Military Equipment

[paragraph (a) deleted]

(b) Information Security Systems and equipment, cryptographic devices,
   software, and components specifically designed or modified therefor,
   including:

   (1) Cryptographic (including key management) systems, equipment, assemblies,
   modules, integrated circuits, components or software with the capability of
   *MAINTAINING SECRECY OR CONFIDENTIALITY OF INFORMATION* (my emphasis) or
   information systems, except cryptographic equipment and software as follows:

   [exception i to v deleted]

   (vi) Limited to data authentication which calculates a Message
   Authentication Code (MAC) or similar result to ensure no alteration of text
   has taken place, or to authenticate users, but does not allow for encryption
   of data, text or other media other than that needed for the authentication.

Anyone care to speculate whether the initial cleartext transmission of  
"authorization data" to the TGS would satisfy the ITAR requirement that you  
cannot export a system that has the "capability of maintaining secrecy or  
confidentiality of information"?

Thanks,

Jim_Miller@suite.com

