Re: [kitten] Question about AES mode in Kerberos

Luke Howard <lukeh@padl.com> Sun, 08 January 2023 10:45 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/y4n3om_Pscqzz6NQO48YSTHFYn0>

> On 8 Jan 2023, at 11:24, Luke Howard Bentata <lukeh@padl.com> wrote:
> 
> PS. NegoEx does RFC3961 checksums, but that’s not directly relevant here as Kerberos is never negotiated by NegoEx. It should also be safe to use draft-howard-gssapi-aead with a fixed zero nonce for NegoEx checksums, because AFAICT checksum keys are not reused (they are per-mechanism and per-direction). Having said that, the fact this is not straightforward to reason about is an argument in favour of your second and third points.

Actually, come to think of it, this is irrelevant as no checksum types are defined by the draft.