[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
arcfour: hmac-md5 vs. md5
From: |
Elrond |
Subject: |
arcfour: hmac-md5 vs. md5 |
Date: |
Fri, 28 Apr 2006 17:46:25 +0200 |
User-agent: |
Mutt/1.5.9i |
Okay,
this is still about TGS. I just noticed, that we have too
many buttons (parameters) to press and try stuff. So I
decided to start from scratch and look only at one
parameter:
arcfour-hmacs default checksum.
Either hmac-md5 or plain-md5 (MD_RSA_MD5).
(I modified crypto-rc4.c for this "parameter change").
Other parameters:
cipher: "arcfour-hmac" only.
preauth: enabled
subkey in TGS: enabled
w2k3-kdc:
Sending a TGS with hmac-md5 gets me a "Message
stream modified" from the w2k3-kdc.
Doing the same with plain-md5 gets me a response,
that shishi can't decrypt.
heimdal-kdc:
Version: 0.7.2 from Debian/testing
Both variants work and I can't really discover any
difference.
Both give this warning from shishi at TGS-time:
"libshishi: warning: KDC bug: Reply encrypted using wrong key."
>From my limited point of view, this looks like shishi and
heimdal are consistent to each other with the hmac-md5, but
shishi and w2k3 do not seem to share this.
This is particular confusing to me, as arcfour-hmac was
invented by the guys at ms. So either their spec isn't
correct or heimdal and you seem to have misread it (no
reproach intended!).
So what next?
Elrond
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- arcfour: hmac-md5 vs. md5,
Elrond <=