The NULL Encryption System

Sam Hartman hartmans at MIT.EDU
Mon Mar 29 14:57:57 EST 2004

>>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams at> writes:

    Nicolas> Technically it was (and still is) used by some rfc1964
    Nicolas> (krb5 gss mech) implementations for "encrypting" the
    Nicolas> KRB-CRED encpart; other than this the null enctype has
    Nicolas> not been used for anything else, nor should be.

No, if they used the null enctype, then you'd get an EncryptedData
with plaintext as ciphertext; you don't even get that.  You get the
encrypted part of the krb_cred structure encoded directly in the place
where you'd expect an EncryptedData.

More information about the krbdev mailing list