Armor key negotiation in FAST Simon.Jansen at
Mon Nov 12 05:37:57 EST 2012


I have a further question referring to the following part of the previous conversation.

>> So the security of the whole tunnel is based on the strength of the long-term host key.

Why is the armor built and why don't they use simply the long-term key of the host? 
>From my current point of view they want a fresh armorkey for each conversation to decrease the vulnerability to replay attacks. But referring to page 31 of the RFC 6113 a nonce is included in the client request. So the chance to mount a replay attack should be decreased already. Are there any other advantages that come up with the generation of the armor key?


More information about the Kerberos mailing list