[16389] in Kerberos_V5_Development
random to key from password
daemon@ATHENA.MIT.EDU (Sam Hartman)
Mon Sep 27 16:04:46 2010
From: Sam Hartman <hartmans@mit.edu>
To: Russ Allbery <rra@stanford.edu>
Date: Mon, 27 Sep 2010 16:04:32 -0400
In-Reply-To: <87y6ant0qd.fsf@windlord.stanford.edu> (Russ Allbery's message of
"Mon, 27 Sep 2010 13:01:14 -0700")
Message-ID: <tsllj6nuf5b.fsf_-_@live.suchdamage.org>
MIME-Version: 1.0
Cc: lha@h5l.org, krbdev@mit.edu,
Nicolas Williams <nicolas.williams@oracle.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
>>>>> "Russ" == Russ Allbery <rra@stanford.edu> writes:
Russ> Nicolas Williams <Nicolas.Williams@oracle.com> writes:
>> I'm saying it's what it should do. I.e., the kadmin/kadm5 client
>> should be modified to randomize keys by doing a cpw with a
>> randomized password.
Russ> If you made this change globally (rather than making it an
Russ> option, such as in Heimdal), then it would apply to
Russ> keytab-only principals such as host/* keys as well. Do we
Russ> lose any security benefit from having all the enctypes have
Russ> independent keys the way that we get now with -randkey? (Or
Russ> at least I always assumed we got that now; maybe we don't?)
Hmm.
Possibly.
If one of the string2key functions is easier to preimage than another,
then you could potentially find one of the stronger keys more easily.
That could be an issue in a case such as encryption of server tickets
where the KDC would not actually use the weaker enctype.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
