wrong checksum type for arcfour-hmac-md5
Greg Hudson
ghudson at MIT.EDU
Thu Sep 16 12:39:32 EDT 2010
On Thu, 2010-09-16 at 12:21 -0400, Luke Howard wrote:
> Here we have to balance security against interoperability. Is it
> possible to get the third-party server fixed?
I don't think there's a security issue here; the authenticator checksum
doesn't need to be keyed. The question is what the fix looks like:
1. Samba uses a proper GSSAPI checksum in its homegrown GSSAPI code.
This is the ideal fix, but might be too difficult.
2. Samba uses krb5_auth_con_set_req_cksumtype() to cause an MD5 checksum
to be used when the enctype is RC4.
3. MIT krb5 switches to using MD5 checksums with RC4 keys in
authenticators only.
The downside of (3) is that it's extra complexity in our code base for
the sake of an improper use case (Samba using regular AP-REQ checksums
in a GSSAPI AP-REQ). The upside is that it makes us consistent with
Heimdal and MS clients.
More information about the krbdev
mailing list