krb5 commit: Clarify retiring-des based on user feedback

Benjamin Kaduk kaduk at MIT.EDU
Fri May 31 13:09:50 EDT 2013


https://github.com/krb5/krb5/commit/fa6de1bf73926751a2f68bff31ef020eb7db9260
commit fa6de1bf73926751a2f68bff31ef020eb7db9260
Author: Ben Kaduk <kaduk at mit.edu>
Date:   Fri May 31 12:40:10 2013 -0400

    Clarify retiring-des based on user feedback
    
    Explain why DES keys should be removed from principals, and clarify
    that allow_weak_crypto overrides all other configuration.
    
    ticket: 7654 (new)
    tags: pullup
    target_version: 1.11.4

 doc/admin/advanced/retiring-des.rst |   20 ++++++++++++++++++--
 1 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/doc/admin/advanced/retiring-des.rst b/doc/admin/advanced/retiring-des.rst
index da9d1fc..cbca1b7 100644
--- a/doc/admin/advanced/retiring-des.rst
+++ b/doc/admin/advanced/retiring-des.rst
@@ -298,6 +298,19 @@ as new DES keys are still being generated, and will be used if requested
 by a client.  To make more progress removing DES from the realm, the KDC
 should be configured to not generate such keys by default.
 
+.. note::
+
+    An attacker posing as a client can implement a brute force attack against
+    a DES key for any principal, if that key is in the current (highest-kvno)
+    key list.  This attack is only possible if **allow_weak_crypto = true**
+    is enabled on the KDC.  Setting the **+requires_preauth** flag on a
+    principal forces this attack to be an online attack, much slower than
+    the offline attack otherwise available to the attacker.  However, setting
+    this flag on a service principal is not always advisable; see the entry in
+    :ref:`add_principal` for details.
+
+The following KDC configuration will not generate DES keys by default:
+
 ::
 
     [realms]
@@ -357,8 +370,11 @@ generate DES keys by default.
     Entry for principal kaduk at ZONE.MIT.EDU with kvno 3, encryption type des3-cbc-sha1 added to keytab WRFILE:kaduk-zone.keytab.
 
 Once all principals have been re-keyed, DES support can be disabled on the
-KDC, and client machines can remove **allow_weak_crypto = true** from
-their :ref:`krb5.conf(5)` configuration files, completing the migration.
+KDC (**allow_weak_crypto = false**), and client machines can remove
+**allow_weak_crypto = true** from their :ref:`krb5.conf(5)` configuration
+files, completing the migration.  **allow_weak_crypto** takes precedence over
+all places where DES enctypes could be explicitly configured.  DES keys will
+not be used, even if they are present, when **allow_weak_crypto = false**.
 
 Support for legacy services
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~


More information about the cvs-krb5 mailing list