RFC 3962 and DK(tkey, "kerberos") function
Greg Hudson
ghudson at MIT.EDU
Thu Oct 15 10:03:52 EDT 2009
On Tue, 2009-10-13 at 15:42 -0400, kerberos at noopy.org wrote:
> Basically what I'm trying to do in
> my DK function is: "encrypt my 'kerberos' block with the temporary key
> I got from my derive bytes function."
>
> Am I understanding how I create the final key correctly here?
You have the right idea to the best of my understanding, with the
proviso that you should be using the cipher's default input vector
(which I believe is all-bits-zero) and not an IV left over from any
previous encryption. So, I'm not immediately sure why you're not
getting the right result.
More information about the Kerberos
mailing list