elliptic curve pkinit?


elliptic curve pkinit?

Pallissard, Matthew-2
Has MIT kerberos implemented pkinit with elliptic curve certs/keys?  Some initial searching points me to an informational ietf RFC posted out there, but nothing official.

I figured I'd ask the list before I wasted any time testing.


Thanks in advance.

Matt Pallissard
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos

Re: elliptic curve pkinit?

Greg Hudson
On 04/02/2017 04:59 PM, [hidden email] wrote:
> Has MIT kerberos implemented pkinit with elliptic curve certs/keys?  Some initial searching points me to an informational ietf RFC posted out there, but nothing official.

We have not, although we would like to in principle.  I believe Heimdal
does; I'm not sure about Microsoft.

Re: elliptic curve pkinit?

Rick van Rein (OpenFortress)
In reply to this post by Pallissard, Matthew-2
Hey,


> Has MIT kerberos implemented pkinit with elliptic curve certs/keys?  Some initial searching points me to an informational ietf RFC posted out there, but nothing official.

FWIW, in the ARPA2 project we're working on Realm Crossover (based on
DANE/DNSSEC) which uses ECDHE.  The protocol is almost compatible with
PKINIT, but not quite on account of a technicality (no tickets in the
reply).  The work leaves openings for client-to-KDC access, but doesn't
fill them in.


http://k5wiki.kerberos.org/wiki/Projects/Realm_Crossover_between_KDCs
http://realm-xover.arpa2.net/kerberos.html

A glimpse at upcoming software (and the earlier PoC) is on
https://github.com/arpa2/kxover

-Rick

Re: elliptic curve pkinit?

Pallissard, Matthew
In reply to this post by Greg Hudson
On Sun, 2017-04-02 at 21:51 -0400, Greg Hudson wrote:
> On 04/02/2017 04:59 PM, [hidden email] wrote:
> > Has MIT kerberos implemented pkinit with elliptic curve certs/keys?  Some initial searching points me to an informational ietf RFC posted out there, but nothing official.
>
> We have not, although we would like to in principle.  I believe Heimdal
> does; I'm not sure about Microsoft.


Thanks for the info.  Is there any plan to do so currently in the works?

Re: elliptic curve pkinit?

Bob McElrath
In reply to this post by Rick van Rein (OpenFortress)
We are using MIT Kerberos with PKINIT using certificates using the secp256k1 curve.  It works fine.  I believe the certificates can be signed with any elliptic curve that openssl knows how to verify.

Internally the MIT implementation uses ephemeral Diffie-Hellman on RSA.  Perhaps that is what Greg meant with his "no" answer?
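The two things this thread keeps apart, the certificate's own key and signature algorithm versus the key agreement inside PKINIT, can be checked on the certificate side with stock openssl. The script below is an added example, not code from the thread or from MIT krb5: it checks that the local OpenSSL build knows a curve, mints a throw-away self-signed cert on it (constructed test data, CN and curve name are arbitrary), and reports the key type and signature algorithm that a PKINIT client would present.

```shell
#!/bin/sh
# Added example: inspect an EC client certificate the way you would before
# handing it to PKINIT. The cert generated here is constructed test data.
set -eu

WORK="$(mktemp -d)"

# Print 1 if this OpenSSL build lists the named curve, 0 otherwise.
curve_supported() {
  if openssl ecparam -list_curves | grep -qw "$1"; then echo 1; else echo 0; fi
}

# Generate a key on curve $1 and a self-signed cert for CN $2; print the cert path.
make_ec_cert() {
  openssl ecparam -name "$1" -genkey -noout -out "$WORK/$2.key"
  openssl req -new -x509 -key "$WORK/$2.key" -subj "/CN=$2" -days 1 \
    -out "$WORK/$2.crt" 2>/dev/null
  echo "$WORK/$2.crt"
}

# Print the curve name of an EC-keyed cert, or "RSA" for an RSA-keyed one.
# openssl x509 -text labels the curve "ASN1 OID: <name>" under the key info.
cert_key_type() {
  openssl x509 -in "$1" -noout -text |
    awk '/Public Key Algorithm: rsaEncryption/ { print "RSA"; exit }
         /ASN1 OID:/ { print $3; exit }'
}

# Print the certificate's signature algorithm (first occurrence, in the TBS).
cert_sig_alg() {
  openssl x509 -in "$1" -noout -text | awk '/Signature Algorithm:/ { print $3; exit }'
}

# Stand-alone run: a secp256k1 cert, as used in the thread.
if [ "$(curve_supported secp256k1)" = 1 ]; then
  CRT="$(make_ec_cert secp256k1 matt)"
  echo "key: $(cert_key_type "$CRT")  sig: $(cert_sig_alg "$CRT")"
fi
```

Whatever this reports says nothing about the PKINIT key agreement itself, which is negotiated separately between client and KDC.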