Does anybody know: Enctype used to encrypt authenticator?
Greg Hudson
ghudson at MIT.EDU
Fri Feb 8 15:29:42 EST 2013
On 02/08/2013 04:09 AM, Tom_Krauss wrote:
> What I do not understand is how the client chooses the enctype to use with
> the session key to build the authenticator.
I'll expand on Mark's answer a bit:

Kerberos keys have a single enctype (except for single-DES keys, which
can be used with three different enctypes). So the client only has one
choice; it has to use the enctype of the session key, as presented to it
by the KDC.

To choose a session key compatible with the server, the KDC has to know
what enctypes the server understands. In MIT krb5 prior to 1.11, the
KDC only "knows" this by assuming that a server understands all the
enctypes it has keys for (except des-cbc-md5 for historical reasons),
plus des-cbc-crc. If it weren't for this assumption, there would be no
point in having more than one enctype in a server principal's keys,
because only the first key is used to encrypt tickets.

In MIT krb5 1.11, you can use the session_enctypes string attribute to
communicate what session key types the server understands. You can also
globally turn off the assumption that all servers understand des-cbc-crc.
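A small model of the KDC-side selection Greg describes, added as an illustration and not part of the original mail or of MIT krb5 itself; the function names, and the assumption that the KDC walks the client's requested enctype list in order and takes the first one the server is believed to support, are this example's own.

```python
# Toy model of session-key enctype selection as described in the mail above.
# Added example, not MIT krb5 code. Function names and the rule that the KDC
# walks the client's requested enctypes in order are this example's assumptions.
from typing import Iterable, Optional, Sequence, Set

DES_CBC_CRC = "des-cbc-crc"
DES_CBC_MD5 = "des-cbc-md5"


def server_supported_enctypes(server_key_enctypes: Sequence[str],
                              session_enctypes: Optional[Iterable[str]] = None,
                              assume_des_crc: bool = True) -> Set[str]:
    """Enctypes the KDC believes the server can handle for a session key.

    With a 1.11-style session_enctypes attribute set, that list is authoritative.
    Otherwise (pre-1.11 behaviour) it is every enctype the server has a key for,
    minus des-cbc-md5, plus des-cbc-crc unless the global assumption is disabled.
    """
    if session_enctypes is not None:
        return set(session_enctypes)
    supported = {e for e in server_key_enctypes if e != DES_CBC_MD5}
    if assume_des_crc:
        supported.add(DES_CBC_CRC)
    return supported


def choose_session_enctype(client_request: Sequence[str],
                           server_key_enctypes: Sequence[str],
                           session_enctypes: Optional[Iterable[str]] = None,
                           assume_des_crc: bool = True) -> Optional[str]:
    """First enctype in the client's request order that the server is believed
    to support; None means the KDC has no compatible session key to issue."""
    supported = server_supported_enctypes(server_key_enctypes, session_enctypes, assume_des_crc)
    for etype in client_request:
        if etype in supported:
            return etype
    return None


def ticket_key_enctype(server_key_enctypes: Sequence[str]) -> str:
    """Only the first key in the server's key list encrypts the ticket itself."""
    return server_key_enctypes[0]


if __name__ == "__main__":
    # Constructed scenario: server has AES and RC4 keys; a legacy client lists des-cbc-crc first.
    server_keys = ["aes256-cts-hmac-sha1-96", "arcfour-hmac"]
    client_pref = ["des-cbc-crc", "aes256-cts-hmac-sha1-96"]
    print("pre-1.11 default:", choose_session_enctype(client_pref, server_keys))
    print("restricted:", choose_session_enctype(client_pref, server_keys, session_enctypes=["aes256-cts-hmac-sha1-96"]))
```

With the default assumption the legacy client is handed a des-cbc-crc session key even though the server holds no DES key at all; setting session_enctypes (or disabling the des-cbc-crc assumption) steers the same request to AES.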