[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

arcfour: hmac-md5 vs. md5

From: Elrond
Subject: arcfour: hmac-md5 vs. md5
Date: Fri, 28 Apr 2006 17:46:25 +0200
User-agent: Mutt/1.5.9i


this is still about TGS. I just noticed, that we have too
many buttons (parameters) to press and try stuff. So I
decided to start from scratch and look only at one

arcfour-hmacs default checksum.
Either hmac-md5 or plain-md5 (MD_RSA_MD5).
(I modified crypto-rc4.c for this "parameter change").

Other parameters:
        cipher: "arcfour-hmac" only.
        preauth: enabled
        subkey in TGS: enabled


        Sending a TGS with hmac-md5 gets me a "Message
        stream modified" from the w2k3-kdc.

        Doing the same with plain-md5 gets me a response,
        that shishi can't decrypt.

        Version: 0.7.2 from Debian/testing

        Both variants work and I can't really discover any

        Both give this warning from shishi at TGS-time:

        "libshishi: warning: KDC bug: Reply encrypted using wrong key."

>From my limited point of view, this looks like shishi and
heimdal are consistent to each other with the hmac-md5, but
shishi and w2k3 do not seem to share this.

This is particular confusing to me, as arcfour-hmac was
invented by the guys at ms. So either their spec isn't
correct or heimdal and you seem to have misread it (no
reproach intended!).

So what next?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]