[468] in Kerberos
P.s. re New Ticket proposal
daemon@TELECOM.MIT.EDU (Steve Miller)
Thu Jul 28 19:42:34 1988
From: miller%erlang.DEC@DECWRL.DEC.COM (Steve Miller)
To: kerberos@ATHENA.MIT.EDU, MILLER%erlang.DEC@DECWRL.DEC.COM
The end of the existing ticket is already zero padded to a multiple of
eight bytes, so checking any padding for zero after decryption would buy
a small amount of additional integrity at no additional runtime cost or
change in the protocol. So if you believe that the size distribution of
the names, modulo 8, is reasonably evenly distributed, about 7/8 of the
time you will get some extra integrity for free. BTW, other than at
the beginning of the first block in a chain, zero is about as good an integrity
constant as any.
Steve
