Encryption implementation in Krb5 Any Help?
hartmans at MIT.EDU
Sun Feb 29 07:10:42 EST 2004
>>>>> "Adusumilli" == Adusumilli Neelima <neelima at students.iiit.net> writes:
Adusumilli> Hi all, I am new to Kerberos. I am working on a
Adusumilli> project which aims at enabling IDEA algorithm in
Adusumilli> Kerberos instead of DES or AES. I have already
Adusumilli> implemented IDEA. Can anyone help me out in pointing
Adusumilli> the files that I have to change and the structure that
Adusumilli> I have to write it in (keeping in mind the
Adusumilli> parameters)?? I need some help desperately as I have
Adusumilli> to complete it in another week or so. So any kind of
Adusumilli> help would be grateful.
This sounds like a great project. First, you'll get a fair bit of
experience reading specifications. Then, you'll get practice writing
specifications. ANd you'll get to learn how to interpret code that
you're relatively unfamiliar with and to debug code you've inserted
into a larger project.
I think that it is just possible to complete this in a week, but it
will certainly be somewhat challenging.
To understand how Kerberos encryption systems work over the wire, you
Then you'll want to see an example of the part of the specification
you need to write--the binding of Idea to the crypto profile. I'd
recommend the AES draft as such an example; it is quite short. I
don't have a reference handy, but draft-raeburn-something.
Then you'll want to write up the Idea specification. Even if you just
turn this in as part of a group project, you'll find that the
specification is invaluable in debugging and making sure you think
through the problems.
To implement the code start looking at src/lib/crypto/etypes.c; there
is a structure of function pointers you will need to examine and
implement. Starting at that file should make it clear what is needed.
More information about the krbdev