Use of Encryption for KRB_AP_REQ
Sam Hartman
hartmans at MIT.EDU
Sat Sep 11 12:38:27 EDT 2004
>>>>> "Ahluwalia," == Ahluwalia, Ish <iahluwalia at sonusnet.com> writes:
Ahluwalia,> Hi All: I'm new to kerberos world, so appologies in
Ahluwalia,> advance if it's too basic of a question. Does MIT
Ahluwalia,> kerberos support des3-cbc-md5 encryption type? I have
Ahluwalia,> a requirement which requires me to have the
Ahluwalia,> Authenticator field of the AP_REQ to be encrypted
Ahluwalia,> using 3des-cbc-md5 encryption algorithm. Looking at
Ahluwalia,> krb5.h file and the IETF specification, it doesn't
Ahluwalia,> look like this algorithm is supported. Any help will
Ahluwalia,> be greatly appreciated? Is there a way to get around
Ahluwalia,> this problem and still use MIT kerberos V5.
No, MIT Kerberos does not support this algorithm. It was a
nonstandard hack that we supported for one release inside a #ifdef 0
block. It has not received significant security review and will not
be standardized.
Sam Hartman
MIT Information Services and Technology
More information about the Kerberos
mailing list