[1511] in Kerberos-V5-bugs


where's the confounder?

daemon@ATHENA.MIT.EDU (Jim Miller)
Mon Jul 3 17:14:26 1995

From: jim@bilbo.suite.com (Jim Miller)
Date: Mon, 3 Jul 95 15:46:36 -0500
To: kerberos@MIT.EDU
Cc: krb5-bugs@MIT.EDU
Reply-To: Jim_Miller@bilbo.suite.com



I was reading about the RSA-MD4-DES checksum option in RFC-1510 and it  
says that an 8 octet confounder is prepended to the plaintext before the  
MD4 checksum is computed.  Furthermore, it says the confounder is also  
prepended to the hash and the result is encrypted.  However, looking at  
the code (Kerberos 5, beta 4, patchlevel 3, md4_crypto_sum_func), I don't  
see any code to generate or prepend a confounder at either step.  I also  
don't see where the key variant is computed (as described in RFC-1510).   
It looks like the key passed to "krb5_mk_safe" is used unmodified.

Are these bugs, is RFC-1510 incorrect, or am I just overlooking something?

Jim_Miller@suite.com


P.S.  Same goes for RSA-MD5-DES
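
The construction the message refers to, as an added example that is not part of the original post and is not code from the Kerberos distribution. It uses RSA-MD5-DES (the P.S. variant, since MD5 is in Python's hashlib), and takes the F0F0F0F0F0F0F0F0 key-variant constant and the zero IV from RFC 1510. Assumptions: the third-party "cryptography" package is installed, the key and message are constructed samples, and no_confounder_sum is a hypothetical contrast, not the beta 4 routine.

```python
import hashlib, hmac, os
from cryptography.hazmat.primitives.ciphers import Cipher, modes
try:  # newer releases of the cryptography package keep 3DES under "decrepit"
    from cryptography.hazmat.decrepit.ciphers.algorithms import TripleDES
except ImportError:
    from cryptography.hazmat.primitives.ciphers.algorithms import TripleDES

def key_variant(key: bytes) -> bytes:
    """Checksum key variant: the DES key XORed with F0F0F0F0F0F0F0F0."""
    if len(key) != 8:
        raise ValueError("DES key must be 8 octets")
    return bytes(b ^ 0xF0 for b in key)

def _des_cbc(key: bytes, data: bytes, encrypt: bool) -> bytes:
    # Single DES written as 3DES-EDE with K1 = K2 = K3; zero IV, no padding.
    cipher = Cipher(TripleDES(key * 3), modes.CBC(bytes(8)))
    op = cipher.encryptor() if encrypt else cipher.decryptor()
    return op.update(data) + op.finalize()

def rsa_md5_des(key: bytes, msg: bytes) -> bytes:
    """24-octet checksum: E_variant(confounder || MD5(confounder || msg))."""
    conf = os.urandom(8)                        # fresh 8-octet confounder
    digest = hashlib.md5(conf + msg).digest()   # hash covers confounder + text
    return _des_cbc(key_variant(key), conf + digest, True)

def verify(key: bytes, msg: bytes, checksum: bytes) -> bool:
    if len(checksum) != 24:                     # 8 confounder + 16 MD5 octets
        return False
    plain = _des_cbc(key_variant(key), checksum, False)
    conf, digest = plain[:8], plain[8:]
    return hmac.compare_digest(hashlib.md5(conf + msg).digest(), digest)

def no_confounder_sum(key: bytes, msg: bytes) -> bytes:
    """Hypothetical contrast: no confounder, key used unmodified."""
    return _des_cbc(key, hashlib.md5(msg).digest(), True)

if __name__ == "__main__":
    key = bytes.fromhex("0123456789abcdef")     # constructed sample key
    msg = b"constructed KRB_SAFE user data"
    a, b = rsa_md5_des(key, msg), rsa_md5_des(key, msg)
    print(a != b, verify(key, msg, a), verify(key, msg, b))
    print(no_confounder_sum(key, msg) == no_confounder_sum(key, msg))
    print(verify(key, msg, no_confounder_sum(key, msg)))
```

With a confounder, two checksums of the same message under the same key differ yet both verify; the contrast function returns the same 16 octets every time, which a verifier expecting the 24-octet form rejects.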
