[16393] in Kerberos_V5_Development
Re: random to key from password
daemon@ATHENA.MIT.EDU (Sam Hartman)
Mon Sep 27 17:11:55 2010
From: Sam Hartman <hartmans@MIT.EDU>
To: Nicolas Williams <Nicolas.Williams@oracle.com>
Date: Mon, 27 Sep 2010 17:11:38 -0400
In-Reply-To: <20100927205658.GQ9501@oracle.com> (Nicolas Williams's message of
"Mon, 27 Sep 2010 15:56:59 -0500")
Message-ID: <tsl62xqvqlx.fsf@live.suchdamage.org>
MIME-Version: 1.0
Cc: lha@h5l.org, Russ Allbery <rra@stanford.edu>, krbdev@MIT.EDU
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@MIT.EDU
>>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams@oracle.com> writes:
Nicolas> On Mon, Sep 27, 2010 at 04:42:14PM -0400, Sam Hartman wrote:
>> The KDC prefers AES to DES. So, you'll never be able to use the
>> DES key for much, but it exists and you can somehow get some text
>> to attack it.
Nicolas> How would you get that ciphertext?
Claim to be a client that only supports DES. This is a random
key--allowing use as a client is supposed to be reasonable even without
preauth.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
