Proposed modifications to replay cache to prevent false positives

Sam Hartman hartmans at MIT.EDU
Thu Jun 2 13:33:16 EDT 2005

>>>>> "Roland" == Roland Dowdeswell <elric at> writes:

    Roland> 	2.  the hash should be performed on the authenticator
    Roland> prior to decryption so that the ticket used is implicitly
    Roland> part of the hashed data (since it's session key should be
    Roland> different than any other session key) and the
    Roland> authenticator's IV should eliminate the chance of false
    Roland> positives using the same ticket.

I'm not at all sure about this.  You need to make sure that there
aren't changes to the ciphertext (for example padding, changing ASN.1
wrappers) that can cause the hash to change but not change the
underlying semantic content.

More information about the krbdev mailing list