RC4 Weak Key checks

Ken Raeburn raeburn at MIT.EDU
Fri Mar 25 16:12:59 EDT 2011

On Mar 25, 2011, at 15:22, Jeffrey Altman wrote:
> I can find no evidence that Microsoft Kerberos SSP performs weak key
> checks.  Perhaps the consortium can obtain an explicit answer from
> Microsoft.

I think this is key.  The "spec" is documentation of How Windows Does Things, and AFAIK the main use of RC4 with MIT Kerberos is for Windows compatibility, so that's where we should be looking to clarify this.  If they do weak key checks -- either rejecting them or adjusting keys to avoid them -- then the RFC ought to be updated; if they don't, then for compatibility perhaps MIT shouldn't either.  (And if it's really a big security problem -- as I suspect it actually was *not* for DES weak keys given how we use DES -- then that's an argument for deprecation of RC4.)


More information about the krbdev mailing list