[2971] in Kerberos
a question about kerberos
daemon@ATHENA.MIT.EDU (Clifford Neuman)
Thu Jan 13 14:12:21 1994
Date: Thu, 13 Jan 94 10:44:43 PST
From: Clifford Neuman <bcn@ISI.EDU>
To: wenbo@comms.ee.man.ac.uk
Cc: kerberos@MIT.EDU
In-Reply-To: Wenbo Mao's message of Mon, 10 Jan 1994 15:18:42 +0000 (GMT) <8157.9401101518@caesar.ee.man.ac.uk>
From: Wenbo Mao <wenbo@comms.ee.man.ac.uk>
Date: Mon, 10 Jan 1994 15:18:42 +0000 (GMT)
After carefully checking the RFC 1510, I do find that there is a place
indicating your answer to some conditional extent. This is the
definition of the CipherText (in page 70):
CipherText ::= ENCRYPTED SEQUENCE {
confounder[0] UNTAGGED OCTET STRING(conf_length) OPTIONAL,
check[1] UNTAGGED OCTET STRING(checksum_length) OPTIONAL,
msg-seq[2] MsgSequence,
pad UNTAGGED OCTET STRING(pad_length) OPTIONAL
}
where the OPTIONAL item check[1] seems to be the mechanism that you
addressed. However, it seems to me that your claim (or the integrity
mechanism used) may not be fully correct if this check is only
OPTIONAL.
Actually, the following section appears before the description of the
cipher text.
The cipher field is generated by applying the specified encryption
algorithm to data composed of the message and algorithm-specific
inputs. Encryption mechanisms defined for use with Kerberos must
take sufficient measures to guarantee the integrity of the plaintext,
and we recommend they also take measures to protect against
precomputed dictionary attacks. If the encryption algorithm is not
itself capable of doing so, the protections can often be enhanced by
adding a checksum and a confounder.
What this means is that it is mandatory that the encryption mechanism
assure the integrity of the message. It is conceivable that some
encryption algorithms provide this inherently, in which case the
checksum is not needed. The spec, however, requires the designer of
the encryption mechanism to make such a determination, and to decide
whether the check field is to be used (in which case it is mandatory
for the encryption mechanism).
~ Cliff
