[16060] in Kerberos_V5_Development
Re: Info regarding MIT 1.8 Crypto modularity feature.
daemon@ATHENA.MIT.EDU (Henry B. Hotz)
Mon Aug 16 21:24:19 2010
Mime-Version: 1.0 (Apple Message framework v1081)
From: "Henry B. Hotz" <hotz@jpl.nasa.gov>
In-Reply-To: <mailman.367.1281974704.12863.krbdev@mit.edu>
Date: Mon, 16 Aug 2010 18:24:12 -0700
Message-Id: <C3A07C72-6DB7-496C-A351-4DA96FAC8546@jpl.nasa.gov>
To: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Aug 16, 2010, at 9:05 AM, krbdev-request@mit.edu wrote:
> Date: Mon, 16 Aug 2010 11:31:51 -0400
> From: Zhanna Tsitkova <tsitkova@MIT.EDU>
> Subject: Re: Info regarding MIT 1.8 Crypto modularity feature.
> To: "jaltman@secure-endpoints.com" <jaltman@secure-endpoints.com>
> Cc: "krbdev@mit.edu" <krbdev@mit.edu>
> Message-ID: <74E2309B-04BF-4712-A59B-FE445293214B@mit.edu>
> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
>
> Well, we have discussed these scenarios internally and ended up with
> "one crypto implementation per kerberos crypto library" scenario for
> the reasons of better sense of security and integrity.
> For example, mixing FIPS 140.2 and non-FIPS modes - who wants to be
> FIPS approved? - finance, government, heathcare and friends. It is
> unlikely that any of them would consider refining and potentially
> jeopardizing their configuration to speed-up things for the sake of
> slight (or even significant) performance gain. Or, at least, they
> would definitely use different machines for these different tasks.
> As for Shipping a binary that can support hardware and non-hardware
> implemented encryption, this case is tougher one to ague with.
> However, I think, if hardware accelerators are available, one will
> always prefer to take advantage of them.
> Finally, performance testing, in my opinion, is much cleaner when it
> does not resolve the specifics of the configuration setup during run-
> time.
I think these are all arguments that it's possible to live without run-time library selection, rather than arguments that users necessarily prefer being locked into a single selection.
Ignoring implementation difficulty (which is a big deal, I know) I would always prefer to have the run-time option as long as the option never causes any run-time failures. ;-)
FIPS-mode seems like a special case. A FIPS-approved library (well, at least openssl) is likely to have a non-FIPS mode which may be faster and probably supports additional encryption types (RC4, Camillia?). I'd think it was trivial to select FIPS/non-FIPS at run time, and that might make it easier to flag non-FIPS to a user who is expecting FIPS mode.
------------------------------------------------------
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
