_kdc_is_weak_exception() relevance in 2014

_kdc_is_weak_exception() relevance in 2014

Ken Dreyer-2
It seems that _kdc_is_weak_exception() unconditionally allows the KDC
to return a 1DES session key, even if I run the server with
--disable-des.

Now that AFS has had rxkad-kdf for a while, can we remove
_kdc_is_weak_exception() altogether?

- Ken

Re: _kdc_is_weak_exception() relevance in 2014

Jeffrey Altman-2
On 9/22/2014 3:37 PM, Ken Dreyer wrote:
> It seems that _kdc_is_weak_exception() unconditionally allows the KDC
> to return a 1DES session key, even if I run the server with
> --disable-des.
>
> Now that AFS has had rxkad-kdf for a while, can we remove
> _kdc_is_weak_exception() altogether?
>
> - Ken


Ken,

Fewer than 30% of public cells have installed versions of OpenAFS that
support rxkad-kdf let alone have deployed non-DES keys.

Beyond that there are more than a decade of OpenAFS clients deployed
that do not support rxkad-kdf.

That being said, Yosemite is not going to have any 1DES support and a
future version of Heimdal master is going to also lose 1DES support.  In
my opinion the kdw_weak_exception() for AFS should remain until 1DES is
removed entirely.

Jeffrey Altman




Re: _kdc_is_weak_exception() relevance in 2014

Ken Dreyer-2
On Mon, Sep 22, 2014 at 5:57 PM, Jeffrey Altman
<[hidden email]> wrote:

> On 9/22/2014 3:37 PM, Ken Dreyer wrote:
>> It seems that _kdc_is_weak_exception() unconditionally allows the KDC
>> to return a 1DES session key, even if I run the server with
>> --disable-des.
>>
>> Now that AFS has had rxkad-kdf for a while, can we remove
>> _kdc_is_weak_exception() altogether?
>>
>
>
> Ken,
>
> Fewer than 30% of public cells have installed versions of OpenAFS that
> support rxkad-kdf let alone have deployed non-DES keys.
>
> Beyond that there are more than a decade of OpenAFS clients deployed
> that do not support rxkad-kdf.
>
> That being said, Yosemite is not going to have any 1DES support and a
> future version of Heimdal master is going to also lose 1DES support.  In
> my opinion the kdw_weak_exception() for AFS should remain until 1DES is
> removed entirely.

Ouch, yeah. What is the best way to improve this? Should we have a
"--disable-des-no-exceptions" flag?

It strikes me as odd that neither --disable-des nor allow_weak_crypto
are able to fully turn off DES session keys.

- Ken

Re: _kdc_is_weak_exception() relevance in 2014

Love Hörnquist Åstrand

> On 23 Sep 2014 at 22:09, Ken Dreyer <[hidden email]> wrote:
>
> On Mon, Sep 22, 2014 at 5:57 PM, Jeffrey Altman
> <[hidden email]> wrote:
>> On 9/22/2014 3:37 PM, Ken Dreyer wrote:
>>> It seems that _kdc_is_weak_exception() unconditionally allows the KDC
>>> to return a 1DES session key, even if I run the server with
>>> --disable-des.
>>>
>>> Now that AFS has had rxkad-kdf for a while, can we remove
>>> _kdc_is_weak_exception() altogether?
>>>
>>
>>
>> Ken,
>>
>> Fewer than 30% of public cells have installed versions of OpenAFS that
>> support rxkad-kdf let alone have deployed non-DES keys.
>>
>> Beyond that there are more than a decade of OpenAFS clients deployed
>> that do not support rxkad-kdf.
>>
>> That being said, Yosemite is not going to have any 1DES support and a
>> future version of Heimdal master is going to also lose 1DES support.  In
>> my opinion the kdw_weak_exception() for AFS should remain until 1DES is
>> removed entirely.
>
> Ouch, yeah. What is the best way to improve this? Should we have a
> "--disable-des-no-exceptions" flag?
>
> It strikes me as odd that neither --disable-des nor allow_weak_crypto
> are able to fully turn off DES session keys.

Remove HEIM_WEAK_CRYPTO from config.h before compiling.

Love
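To make concrete why --disable-des alone does not stop 1DES session keys for AFS, and why removing HEIM_WEAK_CRYPTO at build time does, here is an added model (not Heimdal's code) of the session-key enctype choice the thread describes, run over constructed sample TGS requests. It assumes the exception is keyed on the service principal's first name component being "afs" (afs/cell@REALM, afs@REALM) and that a build without HEIM_WEAK_CRYPTO simply has no DES enctypes available.

```python
# Model of a KDC's session-key enctype selection with the AFS weak-crypto
# exception. This is illustrative code, not Heimdal's implementation.
DES_ENCTYPES = {"des-cbc-crc", "des-cbc-md4", "des-cbc-md5"}


def is_weak_exception(service_principal, enctype):
    """AFS service principals may still be issued a 1DES session key.
    Assumption: the match is on the first name component being 'afs'."""
    first = service_principal.split("@", 1)[0].split("/", 1)[0]
    return first == "afs" and enctype in DES_ENCTYPES


def pick_session_enctype(service_principal, client_etypes, server_etypes,
                         disable_des=False, weak_crypto_built=True):
    """Return the session enctype issued, or None if none is acceptable.
    disable_des models the --disable-des run-time switch; the AFS exception
    bypasses it. weak_crypto_built=False models a build with HEIM_WEAK_CRYPTO
    removed from config.h: DES does not exist, so no exception can allow it."""
    for et in client_etypes:                  # honour client preference order
        if et not in server_etypes:
            continue
        if et in DES_ENCTYPES:
            if not weak_crypto_built:
                continue
            if disable_des and not is_weak_exception(service_principal, et):
                continue
        return et
    return None


def audit(requests, **policy):
    """List (principal, enctype) for requests still issued a 1DES session key."""
    found = []
    for spn, client_etypes, server_etypes in requests:
        et = pick_session_enctype(spn, client_etypes, server_etypes, **policy)
        if et in DES_ENCTYPES:
            found.append((spn, et))
    return found


# Constructed sample: (service principal, client etypes, server key etypes)
SAMPLE_REQUESTS = [
    ("afs/example.org@EXAMPLE.ORG", ["des-cbc-crc"],
     ["des-cbc-crc", "aes256-cts-hmac-sha1-96"]),                  # old AFS client
    ("afs/example.org@EXAMPLE.ORG", ["aes256-cts-hmac-sha1-96", "des-cbc-crc"],
     ["des-cbc-crc", "aes256-cts-hmac-sha1-96"]),                  # rxkad-kdf client
    ("host/fs1.example.org@EXAMPLE.ORG", ["des-cbc-crc"],
     ["des-cbc-crc", "aes256-cts-hmac-sha1-96"]),                  # non-AFS, DES only
]

if __name__ == "__main__":
    print("--disable-des:", audit(SAMPLE_REQUESTS, disable_des=True))
    print("no HEIM_WEAK_CRYPTO:", audit(SAMPLE_REQUESTS, weak_crypto_built=False))
```

With --disable-des the audit still reports the old AFS client's request; with DES compiled out it reports nothing.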