[Ietf-krb-wg] Des and 3DES PRF: 16 or 8 bytes
Sam Hartman <hartmans-ietf@mit.edu> Thu, 30 April 2009 20:23 UTC
Return-Path: <ietf-krb-wg-bounces@lists.anl.gov>
X-Original-To: ietfarch-krb-wg-archive@core3.amsl.com
Delivered-To: ietfarch-krb-wg-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DF6863A6869 for <ietfarch-krb-wg-archive@core3.amsl.com>; Thu, 30 Apr 2009 13:23:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.145
X-Spam-Level:
X-Spam-Status: No, score=-2.145 tagged_above=-999 required=5 tests=[AWL=-0.146, BAYES_00=-2.599, J_CHICKENPOX_23=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kJibkcGqo3VO for <ietfarch-krb-wg-archive@core3.amsl.com>; Thu, 30 Apr 2009 13:23:54 -0700 (PDT)
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by core3.amsl.com (Postfix) with ESMTP id 11EFD3A680E for <krb-wg-archive@lists.ietf.org>; Thu, 30 Apr 2009 13:23:54 -0700 (PDT)
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by localhost.ctd.anl.gov (Postfix) with ESMTP id 2DFB33E; Thu, 30 Apr 2009 15:25:17 -0500 (CDT)
Received: from lists.anl.gov (katydid.it.anl.gov [146.137.96.32]) by mailhost.anl.gov (Postfix) with ESMTP id F24E730; Thu, 30 Apr 2009 15:25:14 -0500 (CDT)
Received: from katydid.it.anl.gov (localhost [127.0.0.1]) by lists.anl.gov (Postfix) with ESMTP id C06BC80DFD; Thu, 30 Apr 2009 15:25:14 -0500 (CDT)
X-Original-To: ietf-krb-wg@lists.anl.gov
Delivered-To: ietf-krb-wg@lists.anl.gov
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by lists.anl.gov (Postfix) with ESMTP id 9C89280DF1 for <ietf-krb-wg@lists.anl.gov>; Thu, 30 Apr 2009 15:25:13 -0500 (CDT)
Received: by mailhost.anl.gov (Postfix) id 8DFB5D; Thu, 30 Apr 2009 15:25:13 -0500 (CDT)
Delivered-To: ietf-krb-wg@anl.gov
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by localhost.ctd.anl.gov (Postfix) with ESMTP id 894C330 for <ietf-krb-wg@anl.gov>; Thu, 30 Apr 2009 15:25:13 -0500 (CDT)
Received: from mailrelay.anl.gov (mailrelay.anl.gov [130.202.101.22]) by mailhost.anl.gov (Postfix) with ESMTP id 8411CD for <ietf-krb-wg@anl.gov>; Thu, 30 Apr 2009 15:25:13 -0500 (CDT)
Received: from localhost (localhost [127.0.0.1]) by localhost.it.anl.gov (Postfix) with ESMTP id 677337CC08D; Thu, 30 Apr 2009 15:25:13 -0500 (CDT)
Received: from mailrelay.anl.gov ([127.0.0.1]) by localhost (mailrelay.anl.gov [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 18711-07; Thu, 30 Apr 2009 15:25:13 -0500 (CDT)
Received: from mailgateway.anl.gov (mailgateway.anl.gov [130.202.101.28]) by mailrelay2.anl.gov (Postfix) with ESMTP id 465B27CC08A for <ietf-krb-wg@anl.gov>; Thu, 30 Apr 2009 15:25:13 -0500 (CDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: ApoEAPyl+UlFGcSy/2dsb2JhbADAdYdeiE2DfwWHdQ
X-IronPort-AV: E=Sophos;i="4.40,275,1238994000"; d="scan'208";a="26524247"
Received: from carter-zimmerman.suchdamage.org ([69.25.196.178]) by mailgateway.anl.gov with ESMTP; 30 Apr 2009 15:25:12 -0500
Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id C11EA415B; Thu, 30 Apr 2009 16:25:09 -0400 (EDT)
To: ietf-krb-wg@anl.gov, lha@apple.com, krbdev@mit.edu, heimdal-discuss@sics.se
From: Sam Hartman <hartmans-ietf@mit.edu>
Date: Thu, 30 Apr 2009 16:25:09 -0400
Message-ID: <tslab5x7uu2.fsf@mit.edu>
User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.2 (gnu/linux)
MIME-Version: 1.0
X-Virus-Scanned: Debian amavisd-new at frigga.it.anl.gov
Subject: [Ietf-krb-wg] Des and 3DES PRF: 16 or 8 bytes
X-BeenThere: ietf-krb-wg@lists.anl.gov
X-Mailman-Version: 2.1.11
Precedence: list
List-Id: "This is a list for the IETF Kerberos Working Group. {WORLDPUB, EXTERNAL}" <ietf-krb-wg.lists.anl.gov>
List-Unsubscribe: <https://lists.anl.gov/mailman/options/ietf-krb-wg>, <mailto:ietf-krb-wg-request@lists.anl.gov?subject=unsubscribe>
List-Archive: <https://lists.anl.gov/pipermail/ietf-krb-wg>
List-Post: <mailto:ietf-krb-wg@lists.anl.gov>
List-Help: <mailto:ietf-krb-wg-request@lists.anl.gov?subject=help>
List-Subscribe: <https://lists.anl.gov/mailman/listinfo/ietf-krb-wg>, <mailto:ietf-krb-wg-request@lists.anl.gov?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-krb-wg-bounces@lists.anl.gov
Errors-To: ietf-krb-wg-bounces@lists.anl.gov
Folks, it was not clear in the discussion at IETf 74 whether we wanted to have the RFC 3961 PRF for 3DES change to be an 8-byte output or not. Currently if you assume that the text says to truncate to the nearest multiple of m, then the 3DES PRF should be 16 bytes. As far as I can tell, no one is shipping DES or 3DES PRF, but I only checked Heimdal up through 1.2. My assumption for MIT is that we want to be consistent with RFC 3961 except for AES. So, that would mean that des: cbc-encrypt(md5(prf_input)) 3des: cbc-encrypt(sha-1(prf_input) trunc to 128-bits) with dk(key,"prf") rc4: hmac-sha1(prf_input) with key aes: ecb-encrypt(sha-1(prf_input) trunc to 128-bits) with dk(key, "prf") Do people agree with that? If MIT should do something different for DES or 3DES, now would be the right time to speak up. We're fairly committed to our RC4 and AES implementations. _______________________________________________ ietf-krb-wg mailing list ietf-krb-wg@lists.anl.gov https://lists.anl.gov/mailman/listinfo/ietf-krb-wg
- [Ietf-krb-wg] Des and 3DES PRF: 16 or 8 bytes Sam Hartman
- Re: [Ietf-krb-wg] Des and 3DES PRF: 16 or 8 bytes Jeffrey Hutzelman