[19852] in Kerberos_V5_Development
Re: After RFC 8429: Deprecate Triple-DES (3DES) and RC4 in Kerberos
daemon@ATHENA.MIT.EDU (Derek Atkins)
Mon Nov 5 10:58:15 2018
From: Derek Atkins <derek@ihtfp.com>
To: Greg Hudson <ghudson@mit.edu>
Date: Mon, 05 Nov 2018 10:57:50 -0500
In-Reply-To: <977713ce-36c9-777b-4ff1-01ae13787a9e@mit.edu> (Greg Hudson's
message of "Fri, 2 Nov 2018 23:45:32 -0400")
Message-ID: <sjmmuqnbjpd.fsf@securerf.ihtfp.org>
MIME-Version: 1.0
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
Greg Hudson <ghudson@mit.edu> writes:
> On 11/01/2018 10:30 AM, Weijun Wang wrote:
>> Now that RFC 8429 is published and 3DES and RC4 are deprecated, is
>> there any plan to remove them from etype list of KDC-REQ?
>
> For RC4, I would like Microsoft to take the lead. 3DES is our
> responsibility, and is probably not in nearly as much use (although I'd
> have to at least check if we're still using it internally at MIT), so it
> is probably not as painful to deprecate.
>
> There is some ambiguity in how weak an enctype needs to be to qualify
> for being affected by allow_weak_crypto. The primary concerns about
> des3-cbc-sha1 are its 64-bit block size and the fast speed of its
> string-to-key operation; both of these are far less problematic than the
> practical ability to recover a random single-DES key. It would also be
> a shame if administrators wound up enabling DES in order to make DES3
> work (or RC4).
Maybe we need an "allow_very_weak_crypto" in addition to the
"allow_weak_crypto"?
> krbdev mailing list krbdev@mit.edu
> https://mailman.mit.edu/mailman/listinfo/krbdev
-derek
--
Derek Atkins 617-623-3745
derek@ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
