Ken Foskey wrote:
On Tue, 2004-11-09 at 15:31 +1100, Toliman wrote:
Ken Foskey wrote:
On Mon, 2004-11-08 at 23:27 +1100, James Gregory wrote:
Does anyone know the ciphers that kerberos uses? I was going to ask the
person that did cryptography in Uni recently :-)
Kerberos uses DES, but the encryption method can be negotiated in
versions >v4. DES is still used in a lot of operational cryptographic
applications, and it is 'relatively' secure, in that it would hopefully
take a p4 a few hours to brute force... more likely in minutes. Which is
why DES has been phased out for at least 5 years, replaced by AES in
secure applications.
OK this echoes my research today (cost me a coffee :-)
Kerberos by default uses DES encryption so a fully encrypted Kerberos
telnet would use DES encryption by default. It is possible to put
additional ciphers into kerberos but it is not part of the standard.
By comparison ssh uses 3DES by default; here are the cipher options from
one version of ssh itself. For those that do not know, 3DES is literally
encrypt in DES three times, very secure; the man page notes that DES is
insecure.
AnyCipher: Any available cipher (apart from none) can be used.
AnyStdCipher: Allows only standard ciphers, i.e. those ciphers mentioned
in the IETF-SecSH-draft (excluding none). This is the default cipher
value.
AES128 Use 128-bit Advanced Encryption Standard (Rijndael) encryption.
AES192 Use 192-bit Advanced Encryption Standard (Rijndael) encryption.
AES256 Use 256-bit Advanced Encryption Standard (Rijndael) encryption.
3DES Use 3DES encryption.
Blowfish: Use Blowfish encryption.
Twofish: Use Twofish encryption.
Arcfour: Use Arcfour encryption.
CAST: Use CAST encryption.
DES: Use DES encryption. DES is generally considered a very weak cipher,
and its use is not recommended. It is offered as a fallback option only.
none: Don't use encryption. Use this option for testing purposes only!
OK my research is that using kerberos is NO MORE secure than ssh but
is significantly less secure than ssh by default. My apologies for
being painful, but sometimes the likelihood of someone being
right is inversely proportional to the number of people shouting them
down.
Here endeth the lesson on security. If someone tells you something is
more secure you simply must do your own homework. What they are saying
may be dated information which appears to be the case here, DES is
certainly a dated protocol in security terms.
I am using MIT krb5-1.3.3 which was the latest release in April, 2004.
The current release is MIT krb5-1.3.5 (http://web.mit.edu/kerberos/www/).
This is a snippet of what I have in my /etc/krb5.conf:
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
I use this in AFS (Andrew File System - http://www.openafs.org )
setup at home to test.
Not only can I configure it to use triple des but in addition it is
used in combination with others. Sources apart from MIT say
kerberos5 is the stronger security encryption tool. This is
easily checked from the Internet.
The yardstick to measure security for some tool or software is
evaluating the product in its entirety and not only bits and pieces of
it.
Have some fun.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
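The thread above turns on which enctypes a krb5.conf still permits: as long as single-DES names such as des-cbc-crc and des-cbc-md5 sit in the enctype lists, they remain negotiable even when des3-hmac-sha1 is listed first. The following is an added example, not code from any poster or from MIT; it parses a [libdefaults] stanza and reports the single-DES enctypes each list allows, using a constructed copy of the stanza quoted in the thread beside a hardened variant (the hardened stanza is an assumption for illustration, and the default_realm value is made up).

```python
import re

# Constructed sample: the [libdefaults] lines quoted in the thread, made into a full stanza.
WEAK_CONF = """\
[libdefaults]
    default_realm = EXAMPLE.COM
    default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
    default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
    permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
"""

# Constructed hardened stanza (an assumption, not from the thread): single DES removed,
# so only triple DES can be negotiated.
HARDENED_CONF = """\
[libdefaults]
    default_realm = EXAMPLE.COM
    default_tgs_enctypes = des3-hmac-sha1
    default_tkt_enctypes = des3-hmac-sha1
    permitted_enctypes = des3-hmac-sha1
"""

ENCTYPE_KEYS = ("default_tgs_enctypes", "default_tkt_enctypes", "permitted_enctypes")
# Single-DES enctype names as MIT krb5 spells them; the des3-* names are triple DES
# and are deliberately not flagged.
SINGLE_DES = {"des-cbc-crc", "des-cbc-md5", "des-cbc-md4", "des-cbc-raw", "des"}


def parse_libdefaults(text):
    """Return {key: value} for the [libdefaults] section of krb5.conf-style text."""
    section, result = None, {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and surrounding whitespace
        if not line:
            continue
        m = re.match(r"^\[(\w+)\]$", line)
        if m:
            section = m.group(1)
            continue
        if section == "libdefaults" and "=" in line:
            key, _, value = line.partition("=")
            result[key.strip()] = value.strip()
    return result


def weak_enctypes(text):
    """Map each enctype list key to the single-DES names it still allows (empty if none)."""
    conf, findings = parse_libdefaults(text), {}
    for key in ENCTYPE_KEYS:
        names = conf.get(key, "").replace(",", " ").split()
        weak = [n for n in names if n.lower() in SINGLE_DES]
        if weak:
            findings[key] = weak
    return findings
```

Running `weak_enctypes` over a live /etc/krb5.conf gives a quick check of whether a DES fallback is still on the table before comparing it with an ssh cipher list.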