[634] in Kerberos
Re: string_to_key: a better suggestion
daemon@TELECOM.MIT.EDU (Ted Anderson)
Fri Jan 27 16:51:08 1989
From: Ted Anderson <ota+@ANDREW.CMU.EDU>
To: Bill Sommerfeld <wesommer@ATHENA.MIT.EDU>
Cc: kerberos@ATHENA.MIT.EDU,
In-Reply-To: <4XmqQky00UkZQ2M2Mu@andrew.cmu.edu>
I'd like to take yet another stab at StringToKey. This idea of incorporating as
much of the password into the key and using cbc_cksum is good. I've seen at
least two approaches to this: the Kerberos one is to fanfold the bits using XOR.
Jobusch suggested a scheme that involved using every Nth character where N is
strlen(password)/8. In both cases the resultant key is used with cbc_cksum to
produce the password key.
I'd like to suggest a third possibility that I think is better than both of
these. Use a constant key and run cbc_cksum over the password to produce a key
that is a function of all the bits of the password. Then use this as a key to
cbc_cksum the password again to produce the password key.
The code looks something like this:
des_string_to_key (pass, key)
    char *pass;
    des_cblock *key;
{
    des_cblock temp_key;
    des_cblock temp_ivec;
    des_key_schedule schedule;

    /* any old key will work for first cbc_cksum */
    bcopy ("Kerberos", &temp_key, 8);
    des_fixup_key_parity (&temp_key);
    des_key_sched (&temp_key, schedule);
    des_cbc_cksum (pass, &temp_ivec, strlen(pass), schedule, &temp_key);

    /* use the result for both key and ivec and cbc_cksum for real */
    bcopy (&temp_ivec, &temp_key, sizeof(temp_key));
    des_fixup_key_parity (&temp_key);
    des_key_sched (&temp_key, schedule);
    des_cbc_cksum (pass, key, strlen(pass), schedule, &temp_ivec);

    /* return a key w/ good parity */
    des_fixup_key_parity (key);
}
Ted Anderson
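
The two-pass derivation from the message above as a runnable sketch. This is an added example, not part of the original message or of the Kerberos sources. It assumes des_cbc_cksum is a zero-padded DES CBC-MAC that returns the last ciphertext block, and it gets single DES from the Python "cryptography" package by giving TripleDES an 8-byte key; the function names are this example's own.

```python
# Added example (not from the original message). Assumes the "cryptography"
# package; TripleDES with one 8-byte key repeated three times is single DES.
try:
    from cryptography.hazmat.decrepit.ciphers.algorithms import TripleDES
except ImportError:  # older releases only have it in this location
    from cryptography.hazmat.primitives.ciphers.algorithms import TripleDES
from cryptography.hazmat.primitives.ciphers import Cipher, modes


def fixup_key_parity(key: bytes) -> bytes:
    """Force odd parity on every byte by setting its low bit as needed."""
    out = bytearray()
    for b in key:
        ones_in_top7 = bin(b >> 1).count("1")
        out.append((b & 0xFE) | (1 - ones_in_top7 % 2))
    return bytes(out)


def cbc_cksum(data: bytes, key: bytes, ivec: bytes) -> bytes:
    """DES CBC-MAC: zero-pad to a block multiple, keep the last block."""
    padded = data + b"\x00" * (-len(data) % 8)
    enc = Cipher(TripleDES(key), modes.CBC(ivec)).encryptor()
    return (enc.update(padded) + enc.finalize())[-8:]


def string_to_key(password: bytes) -> bytes:
    """Two passes of cbc_cksum over the whole password, as in the message."""
    if not password:
        raise ValueError("empty password: nothing to checksum")
    # Pass 1: constant key, also used as the ivec (as the C code does).
    temp_key = fixup_key_parity(b"Kerberos")
    temp_ivec = cbc_cksum(password, temp_key, temp_key)
    # Pass 2: the first checksum is both the key (parity-fixed) and the ivec.
    temp_key = fixup_key_parity(temp_ivec)
    return fixup_key_parity(cbc_cksum(password, temp_key, temp_ivec))


if __name__ == "__main__":
    # Constructed sample passwords that differ only in their 30th character.
    for pw in (b"correct horse battery staple 1",
               b"correct horse battery staple 2"):
        print(pw.decode(), string_to_key(pw).hex())
```

The two sample passwords share their first 29 characters, so the differing keys show that the whole string, not just a prefix, reaches the result.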