Upgrading to Triple-DES Encryption Keys
Beginning with the 1.2 release from MIT, Kerberos includes
a stronger encryption algorithm called "triple DES" - essentially,
three applications of the basic DES encryption algorithm, greatly
increasing the resistance to a brute-force search for the key by an
attacker. This algorithm is more secure, but encryption is much
slower.
Release 1.1 had some support for triple-DES service keys, but with
release 1.2 we have added support for user keys and session keys as
well. Release 1.0 had very little support for multiple cryptosystems,
and some of that software may not function properly in an environment
using triple-DES as well as plain DES.
In the 1.3 release from MIT, Kerberos also includes the RC4
encryption algorithm, a stream cipher symmetric key algorithm
developed in 1987 by Ronald Rivest at RSA Data Security. Please note
that RC4 is not part of the IETF standard.
Because of the way the MIT Kerberos database is structured, the KDC
will assume that a service supports only those encryption types for
which keys are found in the database. Thus, if a service has only a
single-DES key in the database, the KDC will not issue tickets for that
service that use triple-DES or RC4 session keys; it will instead issue
only single-DES session keys, even if other services are already
capable of using triple-DES or RC4. So if you make sure your
application server software is updated before adding a triple-DES or
RC4 key for the service, clients should be able to talk to services at
all times during the updating process.
Normally, the listed supported_enctypes in kdc.conf are all used when
a new key is generated. You can control this with command-line flags
to kadmin and kadmin.local. You may want to exclude triple-DES and RC4
by default until you have updated a lot of your application servers,
and then change the default to include triple-DES and RC4. We
recommend that you always include des-cbc-crc in the default list.
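As an added illustration (not taken from the MIT documentation), here is a kdc.conf fragment for the two phases of the upgrade just described, with the per-principal kadmin.local override shown in the comments; the realm EXAMPLE.COM, the host principal and the keytab path are assumed values.

```ini
# Phase 1: application servers not yet updated. Only a single-DES key
# is generated by default, so every new service key can be used by all
# existing clients and servers.
[realms]
    EXAMPLE.COM = {
        supported_enctypes = des-cbc-crc:normal
    }

# Phase 2: once most application servers understand triple-DES and
# RC4, add those enctypes to the default list. des-cbc-crc stays in
# the list so older clients and servers can still obtain tickets.
[realms]
    EXAMPLE.COM = {
        supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal des-cbc-crc:normal
    }

# During Phase 1 a service whose server software has already been
# updated can be given a triple-DES key explicitly, overriding the
# default list with the -e flag (assumed principal and keytab path):
#
#   kadmin.local -q "addprinc -randkey -e des3-hmac-sha1:normal,des-cbc-crc:normal host/server.example.com"
#   kadmin.local -q "ktadd -k /etc/krb5.keytab -e des3-hmac-sha1:normal,des-cbc-crc:normal host/server.example.com"
#
# Because the KDC only issues session keys of types for which the
# service has a key in the database, adding the triple-DES key is what
# enables triple-DES session keys for that service; listing
# des-cbc-crc as well keeps older clients working.
```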