--On Friday, October 06, 2006 09:21:51 AM -0500 John Hascall
<[EMAIL PROTECTED]> wrote:
So *how* does the server know that only the function-number is encrypted
vs. all of the payload? (not to mention why bother encrypting the
least sensitive bit of the whole thing!)
One of the things that is negotiated is the "rxkad level", that is, the
level of data protection ostensibly provided. this data is only in the
encrypted challenge/response packets and is not visible at the rx layer.
There are three levels:
rxkad_clear: no protection beyond the 16bit checksum in the header.
rxkad_auth: nominal integrity protection. an exta 4 byte value is prepended
to the payload. This word contains the packet sequence number, the call
number, and the packet length. the first block (8 bytes) of the payload is
encrypted. This should prevent an attacker from being able to manufacture
new packets (they can only modify existing ones) , changing the opcode of
an rpc (from say read to write) in an existing packet, or replaying packets.
rxkad_auth: confidentiality. the same 4 byte value is prepended to the
packet and the entire payload is encrypted.
I'm not sure how you got rxkad_auth in a vos request. As far as I can tell,
vsu_ClientInit still defaults to rxkad_clear.
_______________________________________________
OpenAFS-devel mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-devel
