[446] in Kerberos_V5_Development


Re: Kerberized Telnet (A warning)

daemon@ATHENA.MIT.EDU (Jeffrey I. Schiller)
Sat Nov 17 20:00:59 1990

Date: Sat, 17 Nov 90 19:53:42 EST
From: Jeffrey I. Schiller <jis@MIT.EDU>
To: jon@MIT.EDU
Cc: prb@krystal.cray.com, bcn@cs.washington.edu, krbdev@ATHENA.MIT.EDU
In-Reply-To: Jon A. Rochlis's message of Sat, 17 Nov 90 18:28:51 EST <9011172328.AA13276@delwin.MIT.EDU>

	Indeed using a KAK cipher gives you confidentiality, but not
integrity.  The feature of using a KAK cipher is that you can compute
the key stream bits in advance of needing them (i.e. during idle time).
Perhaps a simple modification of the protocol would be to perform an
MD4 computation on the clear text and every N bytes send over the MD4
ECB encrypted with the original DES key. MD4 is much faster to compute
than DES. However we would need to decide what value of N was
appropriate to use (or add a negotiation mechanism...). Then of course
there is the issue of what to do if you detect an integrity problem,
you probably have already acted on the bad bits (if it was the input
stream). Do you break the connection? Inform the user (who probably
won't know what to do)? Or what?

	My gut tells me that the best approach for the telnet
application may well be to punt on integrity, but make this fact
clear.

				-Jeff
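
The trade-off discussed in this message, as an added example that is not part of the original post or of any Kerberos code: a precomputed key stream hides the data but accepts altered bytes, and a checkpoint every N bytes detects the change only after those bytes were delivered. Assumptions: SHA-256 in counter mode stands in for the DES-derived key stream, HMAC-SHA-256 stands in for the DES-encrypted MD4 value, and N = 16, the function names and the sample bytes are constructed for illustration.

```python
import hashlib
import hmac

N = 16  # checkpoint interval in bytes (assumed; the message leaves N open)

def keystream(key: bytes, length: int) -> bytes:
    """Key stream that can be computed before the data exists (stand-in)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))

def checkpoint(key: bytes, clear_so_far: bytes) -> bytes:
    """Keyed digest over all clear text so far (stand-in for encrypted MD4)."""
    return hmac.new(key, clear_so_far, hashlib.sha256).digest()

def send(key: bytes, clear: bytes):
    """Return (ciphertext, checkpoints), one checkpoint per N clear-text bytes."""
    cipher = xor(clear, keystream(key, len(clear)))
    tags = [checkpoint(key, clear[:end]) for end in range(N, len(clear) + 1, N)]
    return cipher, tags

def receive(key: bytes, cipher: bytes, tags):
    """Deliver bytes as they arrive; return (delivered, failed_checkpoint)."""
    clear = xor(cipher, keystream(key, len(cipher)))
    for i, tag in enumerate(tags):
        delivered = clear[: (i + 1) * N]  # the application already acted on these
        if not hmac.compare_digest(tag, checkpoint(key, delivered)):
            return delivered, i           # detection comes after delivery
    return clear, None

# Constructed sample: a 32-byte session with one bit changed in transit.
KEY = b"constructed-session-key"
CLEAR = b"cat notes.txt; date; logout 0000"
CIPHER, TAGS = send(KEY, CLEAR)
ALTERED = bytes(b ^ 0x01 if i == 20 else b for i, b in enumerate(CIPHER))

if __name__ == "__main__":
    print("no checkpoints :", receive(KEY, ALTERED, []))
    print("with checkpoints:", receive(KEY, ALTERED, TAGS))
```

Without checkpoints the receiver returns the altered clear text with no error; with them, the second checkpoint fails, but all 32 bytes, including the changed one, have already been handed to the application.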


