lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <f506a4fa-ffa2-4258-ae3c-c3cf4568f9a4@auristor.com>
Date: Fri, 10 Jan 2025 13:22:23 -0500
From: Jeffrey E Altman <jaltman@...istor.com>
To: Herbert Xu <herbert@...dor.apana.org.au>,
 David Howells <dhowells@...hat.com>
Cc: Chuck Lever <chuck.lever@...cle.com>,
 Trond Myklebust <trond.myklebust@...merspace.com>,
 "David S. Miller" <davem@...emloft.net>,
 Marc Dionne <marc.dionne@...istor.com>, Eric Dumazet <edumazet@...gle.com>,
 Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
 Simon Horman <horms@...nel.org>, linux-crypto@...r.kernel.org,
 linux-afs@...ts.infradead.org, linux-nfs@...r.kernel.org,
 linux-fsdevel@...r.kernel.org, netdev@...r.kernel.org,
 linux-kernel@...r.kernel.org
Subject: Re: [RFC PATCH 2/8] crypto/krb5: Provide Kerberos 5 crypto through
 AEAD API

On 1/10/2025 5:02 AM, Herbert Xu wrote:
> So does your use-case support both standard AEAD algorithms such
> as GCM as well as these legacy algorithms?

RXGK is described by 
https://datatracker.ietf.org/doc/draft-wilkinson-afs3-rxgk/.

Any RFC3961 ("Encryption and Checksum Specifications for Kerberos 5") 
framework encryption algorithm can be used with it.

There have been proposals to add AEAD encryption types to RFC3961. For 
example, Luke Howard proposed

https://datatracker.ietf.org/doc/draft-howard-krb-aead/

The Security Considerations section describes the reasons that MIT's 
Kerberos team is reluctant to add AEAD algorithms to RFC3961. The 
primary one being that AEAD algorithms are not safe for all of the 
existing RFC3961 use cases and there is no means of ensuring that AEAD 
encryption types would not be misused.

Requests for the addition of AEAD to RFC3961 have come from both the 
NFSv4 community and those implementing RXGK. Alas, there has been no 
forward progress since the publication of Luke's draft.

Jeffrey Altman


Download attachment "smime.p7s" of type "application/pkcs7-signature" (4276 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ