• Kerberos AES256 and constants

    From Egor@21:1/5 to All on Sun Oct 11 13:16:50 2020
    Good day.
    I am searching for detailed AES256 kerberos algorithm implementation.
    I am interested espeсially in nfold algorithm in it. I know, how nfold algorithm works, but it is very important for me to know, which constants except string "kerberos" are used in key derivation with the help of nfold algorithm. I have heard that
    these constants depends on the type of traffic packet (AS_REG, AS_REP, TGS_REP) Could you please help to find it, it is very important?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Greg Hudson@21:1/5 to Egor on Sun Oct 11 13:34:24 2020
    To: kerberos@mit.edu (kerberos@mit.edu)

    On 10/11/20 6:16 AM, Egor wrote:
    Good day.
    I am searching for detailed AES256 kerberos algorithm implementation.
    I am interested espeсially in nfold algorithm in it. I know, how nfold algorithm works, but it is very important for me to know, which constants except string "kerberos" are used in key derivation with the help of nfold algorithm. I have heard that
    these constants depends on the type of traffic packet (AS_REG, AS_REP, TGS_REP)
    Could you please help to find it, it is very important?

    RFC 3961 and 3962 are the references here. RFC 3961 defines the overall framework and (in section 5) the simplified profile. RFC 3962 defines
    the AES-SHA1 enctypes using the simplified profile.

    In the simplified profile, the protocol key is used to derive three
    subkeys named Kc, Ke, and Ki. Ke and Ki are used for encryption (Ki for
    the integrity tag, Ke to encrypt the plaintext) and Kc is used for the
    checksum operation. The derivation of these subkeys is specified at the
    very end of RFC 3961 section 5.3. The n-folded constant used in these derivations is the key usage number (as a four-byte big-endian integer)
    with a different byte appended for each subkey.

    The key usage number is determined by the Kerberos or application
    protocol operation being performed. Specific key usage numbers are
    defined in RFC 4120 section 7.5.1 and in the ad hoc registry at: https://github.com/krb5/krb5-assignments/blob/master/key-usage

    As you noted, the constant "kerberos" is also used at the end of the string-to-key operation.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)