[1327] in Kerberos-V5-bugs

Re: Kerberos V5 string to key algorithm (and V4)

daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Fri Mar 31 18:57:56 1995

Date: Fri, 31 Mar 1995 18:57:44 +0500
From: Theodore Ts'o <tytso@MIT.EDU>
To: "John J. Marco" <johnma@sco.COM>
Cc: krb5-bugs@MIT.EDU, johnma@sco.COM
In-Reply-To: John J. Marco's message of Fri, 31 Mar 1995 14:20:17 -0800 (PST),
	<9503311420.aa01448@lubyanka.pdev.sco.COM>

   From: "John J. Marco" <johnma@sco.COM>
   Date: Fri, 31 Mar 1995 14:20:17 -0800 (PST)

   Kerberos bugs folks,

   I've been looking into how much work it would take to make the
   DCE Security Server (based on a V5 KDC) service Kerberos V4
   requests at the same time.  In doing so I came across a potentially
   nasty problem.  It appears that the "string to key" functions 
   are different in V4 and V5.  Therefore, string passwords created
   with V5 tools will not be usable by V4 clients and vice versa.
   Am I correct in assuming this?  

This is partially correct.  The way we provide V4 backwards
compatibility in the V5 KDC is to store both the V4 and V5 derived DES
key for a user in the database entry.  You don't actually need to store
both keys, although we actually bother to do this.  The V5 protocol
allows the KDC to specify a hint of which salt should be used for the
string to key function, and the V4 algorithm is equivalent to the V5
algorithm with a null salt value.  So V5 clients *can* utilize keys which
were created using the V4 string to key function.

							- Ted
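
An added example, not part of the original message and not MIT's code: the DES string-to-key function, written in Go on the assumption that the algorithm in question is the one specified in RFC 3961 section 6.2. It derives a key from one password under a realm-plus-principal salt and under a null salt, which shows why a client needs the KDC's salt hint to reproduce a key made the V4 way. The password, realm and principal are constructed sample inputs.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"encoding/hex"
	"fmt"
	"math/bits"
	"strings"
)

// The 4 weak and 12 semi-weak DES keys, which string-to-key must never return.
const weakKeys = "0101010101010101 fefefefefefefefe e0e0e0e0f1f1f1f1 1f1f1f1f0e0e0e0e " +
	"01fe01fe01fe01fe fe01fe01fe01fe01 1fe01fe00ef10ef1 e01fe01ff10ef10e " +
	"01e001e001f101f1 e001e001f101f101 1ffe1ffe0efe0efe fe1ffe1ffe0efe0e " +
	"011f011f010e010e 1f011f010e010e01 e0fee0fef1fef1fe fee0fee0fef1fef1"

// fixKey sets odd parity in the low bit of each byte, then steps off a weak key.
func fixKey(k []byte) {
	for i, b := range k {
		k[i] = b&0xfe | byte(1-bits.OnesCount8(b&0xfe)%2)
	}
	if strings.Contains(weakKeys, hex.EncodeToString(k)) {
		k[7] ^= 0xf0
	}
}

// KeyHex derives the DES key for a non-empty password and a (possibly empty) salt.
func KeyHex(password, salt string) string {
	s := []byte(password + salt)
	s = append(s, make([]byte, (8-len(s)%8)%8)...) // zero-pad to whole 8-byte blocks
	key := make([]byte, 8)
	for i, c := range s { // fan-fold: XOR the blocks together, every second one bit-reversed
		if (i/8)%2 == 0 {
			key[i%8] ^= c << 1 // drop the top bit, leave the parity bit clear
		} else {
			key[7-i%8] ^= bits.Reverse8(c)
		}
	}
	fixKey(key)
	block, _ := des.NewCipher(key)                       // cannot fail: key is 8 bytes
	cipher.NewCBCEncrypter(block, key).CryptBlocks(s, s) // the key doubles as the IV
	copy(key, s[len(s)-8:])                              // CBC checksum = last cipher block
	fixKey(key)
	return hex.EncodeToString(key)
}

func main() {
	// Constructed inputs: one password under a realm+principal salt and under a null salt.
	fmt.Println("V5 default salt:", KeyHex("password", "ATHENA.MIT.EDUraeburn"))
	fmt.Println("null (V4) salt :", KeyHex("password", ""))
}
```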


