
Re: why is aes sha1 the default encryption type

daemon@ATHENA.MIT.EDU (Nico Williams)
Tue Jun 23 18:14:59 2026

Date: Tue, 23 Jun 2026 17:13:08 -0500
From: Nico Williams <nico@cryptonector.com>
To: Charles Hedrick <hedrick@rutgers.edu>
Message-ID: <ajsE9DvlSNai1okP@ubby>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <PH0PR14MB54930D68C9207E773F2CD923AAEE2@PH0PR14MB5493.namprd14.prod.outlook.com>
Cc: "Kerberos@mit.edu" <Kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

On Tue, Jun 23, 2026 at 08:16:06PM +0000, Charles Hedrick via Kerberos wrote:
> does the encrypt affect the way user passwords are hashed in the KDC.
> (I assume password hashes are stored, not passwords in the clear?)

Kerberos supports multiple "pre-authentication" mechanisms.  The most
commonly used ones are password-based and -here you are about to be sad-
the KDC stores a password-equivalent.

There is a PAKE now for Kerberos, but it's symmetric, so once again the
KDC stores a password-equivalent.

Lastly there is PKINIT, where you use a client certificate to
authenticate the user.  A KDC that supports PKINIT can avoid storing
password equivalents when all the clients support it _and_ you have a
way to provision all users with private keys and certificates.

Nico
-- 
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
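To make the "password-equivalent" point above concrete, here is an added example (not part of the thread, and not code from MIT Kerberos or from Nico) that implements the RFC 3962 string-to-key function used by the aes128-cts-hmac-sha1-96 and aes256-cts-hmac-sha1-96 enctypes: PBKDF2-HMAC-SHA1 over the password and salt, followed by the RFC 3961 DK() step with the constant "kerberos". The result is the long-term key that the KDC stores in its database and that the AS exchange proves possession of. Nothing in the protocol ever uses the password itself, so a copy of that stored key is as useful to an attacker as the password, which is why the KDC database must be protected like a plaintext credential store rather than like a salted-hash table. The n-fold constant is hardcoded from the RFC 3961 Appendix A test vectors, and the sample principal "alice" in REALM.EXAMPLE is a constructed value; the test vectors in main() are the published ones from RFC 3962 Appendix B.

```go
package main

import (
	"crypto/aes"
	"crypto/hmac"
	"crypto/sha1"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// pbkdf2HMACSHA1 is PBKDF2 (RFC 2898) with HMAC-SHA1 as the PRF, written
// out by hand so the example depends only on the Go standard library.
func pbkdf2HMACSHA1(password, salt []byte, iterations, keyLen int) []byte {
	hLen := sha1.Size
	numBlocks := (keyLen + hLen - 1) / hLen
	out := make([]byte, 0, numBlocks*hLen)
	for block := 1; block <= numBlocks; block++ {
		// U1 = PRF(P, S || INT(block)), big-endian 32-bit block index.
		mac := hmac.New(sha1.New, password)
		mac.Write(salt)
		var idx [4]byte
		binary.BigEndian.PutUint32(idx[:], uint32(block))
		mac.Write(idx[:])
		u := mac.Sum(nil)
		t := make([]byte, hLen)
		copy(t, u)
		// U_i = PRF(P, U_{i-1}); T = U1 xor U2 xor ... xor U_c.
		for i := 1; i < iterations; i++ {
			mac = hmac.New(sha1.New, password)
			mac.Write(u)
			u = mac.Sum(nil)
			for j := range t {
				t[j] ^= u[j]
			}
		}
		out = append(out, t...)
	}
	return out[:keyLen]
}

// nfoldKerberos16 is the 128-bit n-fold of the ASCII string "kerberos"
// (RFC 3961 Appendix A.1), the DK() constant used by AES string-to-key.
var nfoldKerberos16 = []byte{
	0x6b, 0x65, 0x72, 0x62, 0x65, 0x72, 0x6f, 0x73,
	0x7b, 0x9b, 0x5b, 0x2b, 0x93, 0x13, 0x2b, 0x93,
}

// dk computes DK(tkey, "kerberos") for the AES enctypes (RFC 3961 DR()).
// Each DR block is an independent encryption from the initial cipher
// state, and CBC-CTS over exactly one block with a zero IV is plain AES,
// so K1 = E(tkey, nfold), K2 = E(tkey, K1), ... . AES random-to-key is
// the identity, so the concatenation truncated to the key size is the key.
func dk(tkey []byte) ([]byte, error) {
	c, err := aes.NewCipher(tkey)
	if err != nil {
		return nil, err
	}
	out := make([]byte, 0, len(tkey))
	prev := nfoldKerberos16
	for len(out) < len(tkey) {
		blk := make([]byte, aes.BlockSize)
		c.Encrypt(blk, prev)
		out = append(out, blk...)
		prev = blk
	}
	return out[:len(tkey)], nil
}

// StringToKey is the RFC 3962 string-to-key for aes128-cts-hmac-sha1-96
// (keyLen 16) and aes256-cts-hmac-sha1-96 (keyLen 32). The default salt is
// the realm followed by the principal name components, and the default
// iteration count is 4096; both are parameters the KDC records alongside
// the key, so they are not secrets.
func StringToKey(password, salt string, iterations, keyLen int) ([]byte, error) {
	tkey := pbkdf2HMACSHA1([]byte(password), []byte(salt), iterations, keyLen)
	return dk(tkey)
}

func main() {
	// RFC 3962 Appendix B vector: iteration count 1, "password",
	// salt "ATHENA.MIT.EDUraeburn".
	k, _ := StringToKey("password", "ATHENA.MIT.EDUraeburn", 1, 16)
	fmt.Println("aes128 key (RFC vector):", hex.EncodeToString(k))

	// Constructed principal alice@REALM.EXAMPLE with the default salt and
	// iteration count. This is exactly the value the KDC stores for her.
	stored, _ := StringToKey("correct horse battery staple", "REALM.EXAMPLEalice", 4096, 32)
	fmt.Println("aes256 key stored by KDC:", hex.EncodeToString(stored))
}
```

The two derivations are deterministic given password, salt and iteration count, all of which the KDC keeps in the clear next to the key. A client that types the password and a party that merely holds the stored key end up with the same bytes and can complete the same AS exchange, which is the practical meaning of "password-equivalent" in Nico's message.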
