[6548] in Kerberos
Re: DES Encryption with Kerberos.
daemon@ATHENA.MIT.EDU (smb@research.att.com)
Mon Jan 29 23:54:10 1996
From: smb@research.att.com
To: darrenr@nabaus.com.au (Darren Reed)
Cc: kerberos@MIT.EDU
Date: Mon, 29 Jan 96 23:37:03 EST
In preparation for writing extensions to Kerberos, I'm attempting to work
out which DES libraries work with each other and on different platforms.
The first problem I've come across is that DES's operation is endian dependant,
so that compiling the same code (which is ignorant of byte order) on intel box
(ie pc) and a Sun sparc will not decrypt/encrypt correctly.
The next I've found is that there seems to be some problem getting various
DES libraries to encrypt/decrypt what the other has output. Notably, I've
tried using the MIT DES libraries supplied with Kerberos vs "libdes" which
is otherwise freely available on the net.
Does anyone else have any experience on doing similar tests ?
Back in the days of V4, the comments in the code indicated that the Kerberos
DES library produced the same output as the test cases given in Davies and Price.
I did find that the UNIX crypt() subroutine reversed the order of the bits in
each key and data byte, relative to Kerberos. If I flipped all the bits in the
input and key, encrypted, and flipped the bits again, I got the same answers as
with the Kerberos library.
