[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CVS shishi/doc/specifications
From: |
shishi-commit |
Subject: |
CVS shishi/doc/specifications |
Date: |
Sun, 24 Oct 2004 11:35:30 +0200 |
Update of /home/cvs/shishi/doc/specifications
In directory dopio:/tmp/cvs-serv6850
Added Files:
draft-ietf-krb-wg-sha1-00.txt
Log Message:
Add.
--- /home/cvs/shishi/doc/specifications/draft-ietf-krb-wg-sha1-00.txt
2004/10/24 09:35:30 NONE
+++ /home/cvs/shishi/doc/specifications/draft-ietf-krb-wg-sha1-00.txt
2004/10/24 09:35:30 1.1
INTERNET DRAFT K. Raeburn
Kerberos Working Group MIT
Document: draft-ietf-krb-wg-sha1-00.txt October 18, 2004
expires April 18, 2005
Unkeyed SHA-1 Checksum Specification
for Kerberos 5
Status of this Memo
By submitting this Internet-Draft, I certify that any applicable
patent or other IPR claims of which I am aware have been disclosed,
or will be disclosed, and any of which I become aware will be
disclosed, in accordance with RFC 3668.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than a "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
Copyright Notice
Copyright (C) The Internet Society (2004). All Rights Reserved.
Abstract
The Kerberos cryptosystem specification requires a profile detailing
several operations for a new checksum type for ensuring the integrity
of data in Kerberos and related protocol exchanges. This document
specifies the use of a simple unkeyed checksum type based on SHA-1.
Raeburn [Page 1]
INTERNET DRAFT October 2004
1. Introduction
The Kerberos cryptosystem specification requires a profile detailing
several operations for a new checksum type for ensuring the integrity
of data in Kerberos and related protocol exchanges. This document
specifies the use of a simple unkeyed checksum type based on SHA-1.
(...to be expanded on a bit, describe PKINIT use...)
2. Checksum Definition
The SHA-1 Kerberos checksum type calculates a checksum using the
SHA-1 hash algorithm. This algorithm takes as input a message of
arbitrary length, and produces as output a 160-bit (20 octet) hash
value.
Any general specification of a Kerberos checksum value to be computed
must include the encryption key and a key usage value [KCRYPTO].
Both of these values are ignored for the SHA-1 checksum type, thus
this checksum algorithm may be used with any encryption key type.
The parameters for the Kerberos checksum profile for this type are
thus:
sha1
----------------------------------------------
associated cryptosystem any
get_mic sha1(msg)
verify_mic get_mic and compare
The sha1 checksum algorithm is assigned a checksum type number of 14.
3. Security Considerations
Unkeyed checksum types should be used with caution, in limited
circumstances where the lack of a key does not provide an avenue for
an attacker to compromise the integrity of the data being conveyed.
Even when encrypted, the use of unkeyed checksums may allow some
forms of attack; this is discussed in the Security Considerations
section of [KCRYPTO].
The use of unkeyed checksums for integrity protection should be done
with great care.
Raeburn [Page 2]
INTERNET DRAFT October 2004
4. IANA Considerations
The Kerberos checksum type values 10 and 14 have both been reserved
for "sha1 (unkeyed)" per [KCRYPTO], the latter with intent to use it
with this specification, and the former on the basis of speculation
that some implementation might have used that value for the same
purpose.
XXX...mention PKINIT above as the intended use?
IANA is directed to assign the Kerberos checksum type value 14 to
"sha1" with a reference to this document.
As no supporting information has been found regarding any existing
experimental use of or specification for Kerberos checksum type 10,
IANA is directed to delete that registry entry, leaving the value
available for future assignment.
Normative References
[KCRYPTO]
Raeburn, K., "Encryption and Checksum Specifications for Kerberos
5", draft-ietf-krb-wg-crypto-07.txt, February 2004.
[SHA1]
NIST, "Secure Hash Standard", FIPS PUB 180-1, April 1995.
Informative References
[KRB]
Neuman, C., Yu, T., Hartman, S., and K. Raeburn, "The Kerberos
Network Authentication Service (V5)", draft-ietf-krb-wg-kerberos-
clarifications-07.txt, September 2004.
[PKINIT]
Tung, B., Neuman, C., Hur, M., Medvinsky, A., Medvinsky, S., Wray,
J., and J. Trostle, "Public Key Cryptography for Initial
Authentication in Kerberos", draft-ietf-cat-kerberos-pk-
init-20.txt, July 2004.
Author's Address
Kenneth Raeburn
Massachusetts Institute of Technology
77 Massachusetts Avenue
Cambridge, MA 02139
address@hidden
Raeburn [Page 3]
INTERNET DRAFT October 2004
Full Copyright Statement
Copyright (C) The Internet Society 2004. This document is subject to
the rights, licenses and restrictions contained in BCP 78, and except
as set forth therein, the authors retain all their rights.
Disclaimer
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Raeburn [Page 4]
- CVS shishi/doc/specifications,
shishi-commit <=