[31587] in Kerberos
Re: RFC 3962 and DK(tkey, "kerberos") function
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Oct 15 10:04:33 2009
From: Greg Hudson <ghudson@mit.edu>
To: "kerberos@noopy.org" <kerberos@noopy.org>
In-Reply-To: <cba4e37e0910131242y7c4bb52auaca0b76055c71181@mail.gmail.com>
Date: Thu, 15 Oct 2009 10:03:52 -0400
Message-Id: <1255615432.23997.58.camel@ray>
Mime-Version: 1.0
Cc: "kerberos@mit.edu" <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On Tue, 2009-10-13 at 15:42 -0400, kerberos@noopy.org wrote:
> Basically what I'm trying to do in
> my DK function is: "encrypt my 'kerberos' block with the temporary key
> I got from my derive bytes function."
>
> Am I understanding how I create the final key correctly here?
You have the right idea to the best of my understanding, with the
proviso that you should be using the cipher's default input vector
(which I believe is all-bits-zero) and not an IV left over from any
previous encryption. So, I'm not immediately sure why you're not
getting the right result.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
