[6600] in Kerberos
Re: DES Encryption with Kerberos.
daemon@ATHENA.MIT.EDU (Darren Reed)
Sun Feb 4 23:09:29 1996
Date: Mon, 5 Feb 1996 14:43:48 +1100
From: darrenr@nabaus.com.au (Darren Reed)
To: kerberos@MIT.EDU, jeff@sdsc.edu
> In article <199601300246.NAA09538@phaeton.rais.nabaus.com.au>,
> Darren Reed <darrenr@nabaus.com.au> wrote:
> >DES's operation is endian dependant,
> >so that compiling the same code (which is ignorant of byte order) on intel box
> >(ie pc) and a Sun sparc will not decrypt/encrypt correctly.
>
> This may be true for some specific implementations of DES, but it need
> not be. For example, I believe the ufc-crypt implementation of DES
> works correctly without the aid of endian-based #ifdef's or other such
> accommodations. This is definitely true of a DES implementation I
> once wrote myself.
The difficulty turned out to a difference in the way keys were being used and
passed to the encryption routines. >:-/
What eventually woke us upto this was getting a known true result for DES
and attempting to make the libraries agree with that. The main help here
was getting the key in the right `format'.
The test case I used was from a 'C Programming Column', by Al Stevens. I'm
not sure where the column originates, I was just given text files, documenting
implementing, and comments on that, DES.
Using ECB, the following examples were given:
Key: 0123456789abcdef 0123456789abcdef 0123456789abcdef
Text: 4e6f772069732074 68652074696d6520 666f7220616c6c20
Encr: 3fa40e8a984d4815 6a271787ab8883f9 893d51ec4b563b53
darren.
