[16730] in Kerberos_V5_Development
Re: RC4 Weak Key checks
daemon@ATHENA.MIT.EDU (Ken Raeburn)
Fri Mar 25 16:13:06 2011
From: Ken Raeburn <raeburn@mit.edu>
In-Reply-To: <4D8CEB8E.8020402@secure-endpoints.com>
Date: Fri, 25 Mar 2011 16:12:59 -0400
Message-Id: <033F0D69-2269-4DC7-AC61-7E69A4806003@mit.edu>
To: jaltman@secure-endpoints.com
Cc: krbdev@mit.edu
On Mar 25, 2011, at 15:22, Jeffrey Altman wrote:
> I can find no evidence that Microsoft Kerberos SSP performs weak key
> checks. Perhaps the consortium can obtain an explicit answer from
> Microsoft.
I think this is key. The "spec" is documentation of How Windows Does Things, and AFAIK the main use of RC4 with MIT Kerberos is for Windows compatibility, so that's where we should be looking to clarify this. If they do weak key checks -- either rejecting them or adjusting keys to avoid them -- then the RFC ought to be updated; if they don't, then for compatibility perhaps MIT shouldn't either. (And if it's really a big security problem -- as I suspect it actually was *not* for DES weak keys given how we use DES -- then that's an argument for deprecation of RC4.)
Ken