[1123] in Kerberos_V5_Development
Re: OV admin system integration plan
daemon@ATHENA.MIT.EDU (Donald T. Davis)
Mon May 6 16:15:05 1996
To: "Richard Basch" <basch@lehman.com>
Cc: krbdev@MIT.EDU
In-Reply-To: Your message of "Mon, 06 May 1996 11:49:22 EDT."
<199605061549.LAA02712@badger.lehman.com>
Date: Mon, 06 May 1996 16:13:19 -0400
From: "Donald T. Davis" <don@cam.ov.com>
richard writes:
> The problem with cfb mode and a session key generator is that
> you have to avoid giving out keying/codebook material, and when
> the sequence numbers had blocks of zeros, this is hard to do.
this problem is independent of cfb. i agree that there's
more to designing an rng than simply saying "use cfb."
i also agree that if krb were to build an rng from a
block cipher, you'd have to avoid divulging plaintext.
-don
