AES for Kerberos (RFC3962)

AES for Kerberos (RFC3962)

Anderson Luiz Brunozi
Hello,

I'm implementing a Java Kerberos client to be used in a mobile application. I already have a working version, using DES keys.
But now, I'm required to change it to use AES, instead of DES. I have started it by trying to follow what is described in RFC3962.
The text says the key generation is done by these two steps:

   tkey = random2key(PBKDF2(passphrase, salt, iter_count, keylength))
   key = DK(tkey, "kerberos")

And, following the example below, I have already been able to generate the "128-bit PBKDF2 output".

   Iteration count = 1200
   Pass phrase = "password"
   Salt = "ATHENA.MIT.EDUraeburn"
   128-bit PBKDF2 output:
       5c 08 eb 61 fd f7 1e 4e 4e c3 cf 6b a1 f5 51 2b
   128-bit AES key:
       4c 01 cd 46 d6 32 d0 1e 6d be 23 0a 01 ed 64 2a

Now I'm stuck at how I could generate the "128-bit AES key". If I have understood it, that should be what the DK() function does.
So, could anyone tell me what, exactly, does this DK() function do?

Thanks,

Anderson Luiz Brunozi

________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos

Re: AES for Kerberos (RFC3962)

Kenneth G Raeburn
On Jun 1, 2005, at 10:46, Anderson Luiz Brunozi wrote:
> Now I'm stuck at how I could generate the "128-bit AES key". If I have
> understood it, that should be what the DK() function does.
> So, could anyone tell me what, exactly, does this DK() function do?

The DK function is described in the key derivation discussion in RFC
3961.  I'm sorry if the reference wasn't clear enough.

Ken
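
Added example, not posted by anyone in this thread: a Java version of the RFC 3962 string-to-key, with DK and n-fold written out as RFC 3961 defines them for AES, run on the inputs of the test vector quoted in the question so the printed key can be compared with the "128-bit AES key" line there. It assumes a JCE provider that offers PBKDF2WithHmacSHA1 and AES; the class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
// Hypothetical class for illustration; assumes a JCE provider with PBKDF2WithHmacSHA1 and AES.
public class AesStringToKey {
    // RFC 3961 n-fold: concatenate copies of the input, each rotated right by 13 more bits,
    // up to lcm(inLen, outLen) bytes, then add the outLen-sized pieces with end-around carry.
    static byte[] nfold(byte[] in, int outLen) {
        int inLen = in.length, a = outLen, b = inLen;
        while (b != 0) { int c = b; b = a % b; a = c; }   // a = gcd(outLen, inLen)
        int lcm = outLen * inLen / a, carry = 0;
        byte[] out = new byte[outLen];
        for (int i = lcm - 1; i >= 0; i--) {
            // Input bit (numbered from the least significant end) that becomes the top bit of byte i.
            int msbit = ((inLen << 3) - 1 + ((inLen << 3) + 13) * (i / inLen)
                    + ((inLen - (i % inLen)) << 3)) % (inLen << 3);
            int hi = in[(inLen - 1 - (msbit >>> 3)) % inLen] & 0xff;
            int lo = in[(inLen - (msbit >>> 3)) % inLen] & 0xff;
            carry += ((((hi << 8) | lo) >>> ((msbit & 7) + 1)) & 0xff) + (out[i % outLen] & 0xff);
            out[i % outLen] = (byte) carry;
            carry >>>= 8;
        }
        for (int i = outLen - 1; carry != 0 && i >= 0; i--) {   // wrap the last carry around
            carry += out[i] & 0xff;
            out[i] = (byte) carry;
            carry >>>= 8;
        }
        return out;
    }
    // DK for AES: K1 = E(key, n-fold(constant)), K2 = E(key, K1), ..., truncated to the key size;
    // random-to-key is the identity. One block of CBC-CTS with a zero IV is a plain AES block, hence ECB.
    static byte[] dk(byte[] tkey, byte[] constant) throws Exception {
        Cipher aes = Cipher.getInstance("AES/ECB/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(tkey, "AES"));
        byte[] block = nfold(constant, 16), out = new byte[tkey.length];
        for (int off = 0; off < out.length; off += 16) {
            block = aes.doFinal(block);
            System.arraycopy(block, 0, out, off, 16);
        }
        return out;
    }
    public static void main(String[] args) throws Exception {
        byte[] salt = "ATHENA.MIT.EDUraeburn".getBytes(StandardCharsets.UTF_8);
        PBEKeySpec spec = new PBEKeySpec("password".toCharArray(), salt, 1200, 128);
        byte[] tkey = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(spec).getEncoded();
        byte[] key = dk(tkey, "kerberos".getBytes(StandardCharsets.US_ASCII));
        System.out.println(String.format("%032x", new java.math.BigInteger(1, key)));
    }
}
```

For the 256-bit enctype, request 256 bits from PBKDF2; `dk` then chains two AES blocks to fill the 32-byte key.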

Re: AES for Kerberos (RFC3962)

Seema Malkani
In reply to this post by Anderson Luiz Brunozi
Sun's implementation of Java GSS/Kerberos now supports AES128, AES256,
RC4-HMAC, 3DES and DES encryption types.

Support for 3DES (des3-cbc-sha1-kd) encryption type is available in J2SE
1.5.0 onwards.

Support for AES128, AES256, and RC4-HMAC encryption types is available
in the next J2SE release (i.e. J2SE 1.6.0) onwards.

Seema

Anderson Luiz Brunozi wrote:

>Hello,
>
>I'm implementing a Java Kerberos client to be used in a mobile application. I already have a working version, using DES keys.
>But now, I'm required to change it to use AES, instead of DES. I have started it by trying to follow what is described in RFC3962.
>The text says the key generation is done by these two steps:
>
>   tkey = random2key(PBKDF2(passphrase, salt, iter_count, keylength))
>   key = DK(tkey, "kerberos")
>
>And, following the example below, I have already been able to generate the "128-bit PBKDF2 output".
>
>   Iteration count = 1200
>   Pass phrase = "password"
>   Salt = "ATHENA.MIT.EDUraeburn"
>   128-bit PBKDF2 output:
>       5c 08 eb 61 fd f7 1e 4e 4e c3 cf 6b a1 f5 51 2b
>   128-bit AES key:
>       4c 01 cd 46 d6 32 d0 1e 6d be 23 0a 01 ed 64 2a
>
>Now I'm stuck at how I could generate the "128-bit AES key". If I have understood it, that should be what the DK() function does.
>So, could anyone tell me what, exactly, does this DK() function do?
>
>Thanks,
>
>Anderson Luiz Brunozi