help-shishi
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: arcfour: hmac-md5 vs. md5

From: Simon Josefsson
Subject: Re: arcfour: hmac-md5 vs. md5
Date: Wed, 03 May 2006 12:14:55 +0200
User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux) 
Elrond <address@hidden> writes:

> Any news on this?
>
> Or are you just plain busy? :)

Busy weekend..  I haven't had time to look into this yet.  But solving
this is my main priority for shishi, so hopefully I'll get to it very
soon.

I have a vague memory that ARCFOUR-HMAC checksum was invented later
than the ARCFOUR encryption scheme.  So it may be that w2k3 doesn't
support it in the same way as shishi implement it.  If Heimdal doesn't
use it against w2k3, maybe we shouldn't either.  But that doesn't
really answer why things behave as they do for you below.

/Simon

>
>     Elrond
>
>
> On Fri, Apr 28, 2006 at 05:46:25PM +0200, Elrond wrote:
>> 
>> Okay,
>> 
>> this is still about TGS. I just noticed, that we have too
>> many buttons (parameters) to press and try stuff. So I
>> decided to start from scratch and look only at one
>> parameter:
>> 
>> arcfour-hmacs default checksum.
>> Either hmac-md5 or plain-md5 (MD_RSA_MD5).
>> (I modified crypto-rc4.c for this "parameter change").
>> 
>> 
>> Other parameters:
>>      cipher: "arcfour-hmac" only.
>>      preauth: enabled
>>      subkey in TGS: enabled
>> 
>> 
>> w2k3-kdc:
>> 
>>      Sending a TGS with hmac-md5 gets me a "Message
>>      stream modified" from the w2k3-kdc.
>> 
>>      Doing the same with plain-md5 gets me a response,
>>      that shishi can't decrypt.
>> 
>> heimdal-kdc:
>>      Version: 0.7.2 from Debian/testing
>> 
>>      Both variants work and I can't really discover any
>>      difference.
>> 
>>      Both give this warning from shishi at TGS-time:
>> 
>>      "libshishi: warning: KDC bug: Reply encrypted using wrong key."
>> 
>> 
>> >From my limited point of view, this looks like shishi and
>> heimdal are consistent to each other with the hmac-md5, but
>> shishi and w2k3 do not seem to share this.
>> 
>> This is particular confusing to me, as arcfour-hmac was
>> invented by the guys at ms. So either their spec isn't
>> correct or heimdal and you seem to have misread it (no
>> reproach intended!).
>> 
>> So what next?
>> 
>> 
>>     Elrond
>> 
>> 
>> _______________________________________________
>> Help-shishi mailing list
>> address@hidden
>> http://lists.gnu.org/mailman/listinfo/help-shishi
reply via email to
[Prev in Thread] Current Thread [Next in Thread]