Is RC4 encryption still strong enough?

Edgecombe, Jason jwedgeco at uncc.edu
Wed Nov 13 09:52:22 EST 2013


Hi everyone,

Is the rc4-hmac cipher in MIT Kerberos still OK to use?

I'm asking because of the recent Microsoft advice for the RC4 TLS cipher:
http://blogs.technet.com/b/srd/archive/2013/11/12/security-advisory-2868725-recommendation-to-disable-rc4.aspx

I know that TLS and Kerberos aren't the same, but I don't know if the advice should be applied to the Kerberos cipher as well.

BTW, I'm still in the process of retiring DES encryption on my KDC. My KDC is upgraded to 1.11 and I'm using the default supported_enctypes, including rc4-hmac.

I'm just wondering if I need to plan for retiring rc4-hmac as well.

Thanks,
Jason

---------------------------------------------------------------------------
Jason Edgecombe | Linux and Solaris Administrator
UNC Charlotte | The William States Lee College of Engineering
9201 University City Blvd. | Charlotte, NC 28223-0001
Phone: 704-687-1943
jwedgeco at uncc.edu | http://engr.uncc.edu |  Facebook
---------------------------------------------------------------------------