Docs on string-to-key routines?
Henry B. Hotz
hotz at jpl.nasa.gov
Fri Mar 12 03:41:06 EST 2004
At 8:54 PM -0500 3/11/04, Jeffrey Hutzelman wrote:
>On Thursday, March 11, 2004 16:38:46 -0800 "Henry B. Hotz"
><hotz at jpl.nasa.gov> wrote:
>
>>Where is the "real" description of the string-to-key functions, V4, AFS,
>>and V5?
>AFS supports only the single-DES enctype. The AFS string-to-key
>function is not documented; you'll have to read the source.
>
>All of these functions support input of essentially unlimited length.
Just looked at the OpenAFS code and some old KTH code. The former
has a loop of some kind with no obvious limit (as you said). The
latter uses a different algorithm for length <=8 from >8. In the
latter case they have an array of size 512 which might imply a limit
of 511 characters. That's big enough.
And yes, on reflection, I suppose a 256-bit AES key algorithm would
have to be more than trivially different from a 56-bit-plus-parity
DES key algorithm.
--
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
More information about the Kerberos
mailing list