[482] in Kerberos
Re: Completeness of DES_CRYPT(3)
daemon@TELECOM.MIT.EDU (Steve Miller)
Mon Aug 8 18:20:23 1988
From: miller%erlang.DEC@DECWRL.DEC.COM (Steve Miller)
To: kerberos@ATHENA.MIT.EDU, MILLER%erlang.DEC@DECWRL.DEC.COM
In principal, I don't see why not, especially since we intended to
keep the crypto as a separable component. But I haven't looked at the
documentation carefully for quite a while.
Both the string-to-key and pcbc_encrypt are straightforward. If needed,
I am sure that sufficient additional documentation for DES_CRYPT could be
done unambiguously. The string-to-key algorithm should be the same
across realms if the inter-realm authentication is used, and the keys
are defined (indirectly) using the string-to-key. E.g. the LCS Kerberos
appears as a member of the Athena realm, so if string-to-key is used to
setup their shared key, it had better be the same.
Steve
