[krbdev.mit.edu #6886] SVN Commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Mon Mar 28 19:35:55 EDT 2011
Remove the weak key checks from the builtin rc4 enc provider. There
is no standards support for avoiding RC4 weak keys, so rejecting them
causes periodic failures. Heimdal and Microsoft do not check for weak
keys. Attacks based on these weak keys are probably thwarted by the
use of a confounder, and even if not, the reduction in work factor is
not terribly significant for 128-bit keys.
http://src.mit.edu/fisheye/changelog/krb5/?cs=24750
Commit By: ghudson
Revision: 24750
Changed Files:
U trunk/src/lib/crypto/builtin/enc_provider/rc4.c
More information about the krb5-bugs
mailing list