Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Every little picofarad has a nanohenry all its own. -- Don Vonada

devel / comp.protocols.kerberos / Re: RFC 4121 & acceptor subkey use in MIC token generation

SubjectAuthor
o Re: RFC 4121 & acceptor subkey use in MIC token generationJeffrey Hutzelman

1
Re: RFC 4121 & acceptor subkey use in MIC token generation

<mailman.16.1698250596.2263420.kerberos@mit.edu>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=392&group=comp.protocols.kerberos#392

  copy link   Newsgroups: comp.protocols.kerberos
Path: i2pn2.org!i2pn.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!tncsrv06.tnetconsulting.net!.POSTED.mailman.mit.edu!not-for-mail
From: jhu...@cmu.edu (Jeffrey Hutzelman)
Newsgroups: comp.protocols.kerberos
Subject: Re: RFC 4121 & acceptor subkey use in MIC token generation
Date: Wed, 25 Oct 2023 12:16:15 -0400
Organization: TNet Consulting
Lines: 27
Message-ID: <mailman.16.1698250596.2263420.kerberos@mit.edu>
References: <202310241950.39OJoa0Z000708@hedwig.cmf.nrl.navy.mil>
<3db2752e-565e-1f64-b354-9031a2fe9334@mit.edu> <ZTiT0ub2uv5A/b4E@ubby21>
<202310251251.39PCpTqc026799@hedwig.cmf.nrl.navy.mil>
<ZTk62q0DIAZmW0eL@ubby21>
<CALF+FNwtDrQ0d+a=zsXyiYq6rhOiXXkqoxUnscwum0Q0wchLJQ@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Injection-Info: tncsrv06.tnetconsulting.net; posting-host="mailman.mit.edu:18.7.21.50";
logging-data="21414"; mail-complaints-to="newsmaster@tnetconsulting.net"
Cc: Ken Hornstein <kenh@cmf.nrl.navy.mil>,
Jonathan Calmels via Kerberos <kerberos@mit.edu>
To: Nico Williams <nico@cryptonector.com>
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=Y4DHwvpGuOORYCEyRXvK26pTKTTaj6XC99BUN0eGgTIPRpdLmvaHqURkIxBeC+JbE6SPxCWqWCFin2ZXv2kj2co8s5ExzxerZ211p5O4evoH5puAZL6K/XA8vUfefNZtLBy69AqZOvBmIsrHeW8sKxpew/IeyzVaoQkgVID7cgmp23w3YeBFW7uUf049RP4y27PSd6aIIP7jGIv+rNqCcW2H4VRiwQtxG346RTvEylI1UEfin+aaSyZwhbdas6/WRa57hTM55f32v3ncbnnOflnYkl3a0JmkwBuk2/bgKUzkofeVRpUOsLQ+NRYwmWQGf0fJqer3T0fk9VUeXdrQDA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=MlCN5U13/Wh/tG+/T5i1vTwNMCd9heyUZmO5fSs82zs=;
b=Hh2+YtcGwLt6AZCMN+4AwKjskUttZZhqZA2zBEFnovz4L25lwjppRs2jpU/t61FfKHPend4CVLuMvhLPffqRIJBalH63tAwkW/tW0nQKN3+Djwx1j3sXnUAVOzjunx3U+Ki4AdaZWFKOyG/j1p56oBEzIj6QTCwKA4m1Ufzf55RQOCZySCFxbQ8ZPgrBIzkdIeX+uPMERXBLuiVj2qlGmlSITPVXLT/v3GfsUC9ANzABbq3hmnt2KhCICCl+0wbBBJzZd2htaQqLSv8aPSCWbGwxP6ZZO+BQAxD2e1xVP27RqFL0ZBxs6lfhnlA25vzqkTnUgb8OiIv/Dh0rxYAo7A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
209.85.219.42) smtp.rcpttodomain=mit.edu smtp.mailfrom=andrew.cmu.edu;
dmarc=pass (p=none sp=none pct=100) action=none header.from=cmu.edu;
dkim=pass (signature was verified) header.d=cmu.edu; arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=mitprod.onmicrosoft.com; s=selector2-mitprod-onmicrosoft-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=MlCN5U13/Wh/tG+/T5i1vTwNMCd9heyUZmO5fSs82zs=;
b=R4keRAW1mg+gEUXIGvyifamnbD2TNKMkDDVhla8a7vSWrCJvkOK3YTCHgZU/uwLeuz4YDjxKOn5kCcvmXVmstmbI2Ur44SMG31i0zoEQJP6NwaruLCrtn+5z6OT2vh+npg8WRW4+k3lHZcced80FWfA4b1otgHUv1h04bmtorxM=
Authentication-Results: spf=pass (sender IP is 209.85.219.42)
smtp.mailfrom=andrew.cmu.edu; dkim=pass (signature was verified)
header.d=cmu.edu;dmarc=pass action=none header.from=cmu.edu;
Received-SPF: Pass (protection.outlook.com: domain of andrew.cmu.edu
designates 209.85.219.42 as permitted sender)
receiver=protection.outlook.com; client-ip=209.85.219.42;
helo=mail-qv1-f42.google.com; pr=C
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=cmu.edu; s=google-2021; t=1698250589; x=1698855389; darn=mit.edu;
h=cc:to:subject:message-id:date:from:in-reply-to:references
:mime-version:from:to:cc:subject:date:message-id:reply-to;
bh=MlCN5U13/Wh/tG+/T5i1vTwNMCd9heyUZmO5fSs82zs=;
b=HRtM+00mYkaQUb3iz08nehF8T1op6QEikWoaLghecKDax7MtjIaVGgxhQO74KA/Y8o
kpWh3ThMJklBWx22yLXRh3t6o8kZwV9e6c7OapCgZWD5ZsTBGahXi5Ea4W7A2k77NWlz
EvvK4TCL6vf0rBTwxHZSUNekrLYq9JtWc8uoHezrn1G06RpXKjA/l92wGV3NPTo8mVAP
ka/g5b2ef9xaI0h2v6NroKCmQm6pgAfCXtEWNYhmCKkvsVPID2cx/BPiG+Majfz8I4I/
KjDryE1CsegDnrzIJ/bCc+W3vrZ+kl5D2ZvO4ZEHNnussLcCDiPln8FvNl4K9T8w8g2Y
pjDw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1698250589; x=1698855389;
h=cc:to:subject:message-id:date:from:in-reply-to:references
:mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=MlCN5U13/Wh/tG+/T5i1vTwNMCd9heyUZmO5fSs82zs=;
b=QSjOeqCyqO+pXAkbv7LadlhSV3nLpPz8QWJA09T5bAdqjoPIDnkxrn2ivVfHR9lWMu
HD4WuSoK2IriE6RbfqpboI0tJlSFgIhBzbWTmLkX9nylI87FUNs7T3YxRiyGkLyfLzgQ
jzfmx4fAzYDS3FFE+2jR//6edA2TMoXR63D5FgYg0GV++y9Y83NxTKwo0fSIABeoqUta
jZivy0IYtymbkWCt39dnhh3S0T2yDO31K88C23yozYKFYQumhxneV+/z1bGHjw2TIYcU
5M4dDqSb8bxe6iv3G3ouqksLBebvw6XaOfRl2GFg+gpPAxlpH4NI33duZYIVBEF8P/WP
nK/A==
X-Gm-Message-State: AOJu0YwXu1NNYsCz5PAqYRGXF2n8SRjN1LzS844bIhv500y06je4DyQE
y+S/E3XFivaEQSoUSSR8kfyyvHqBLM3JY+YIVP5HVA==
X-Google-Smtp-Source: AGHT+IEngjQRPB5lGX0ISpY+nSgsP5Z0k6PL3qxpDv9ImzZEnGu6pUcK/qWrZp/vfOop7Uom+GKdb2heW76h8NmvADE=
X-Received: by 2002:a0c:e2c9:0:b0:66d:9d15:6876 with SMTP id
t9-20020a0ce2c9000000b0066d9d156876mr16158452qvl.65.1698250588877; Wed, 25
Oct 2023 09:16:28 -0700 (PDT)
In-Reply-To: <ZTk62q0DIAZmW0eL@ubby21>
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b:0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: SN1PEPF0002636A:EE_|PH0PR01MB6424:EE_
X-MS-Office365-Filtering-Correlation-Id: 76784d83-8b89-4ab7-3e2f-08dbd575bf09
X-LD-Processed: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b,ExtAddr
X-MS-Exchange-AtpMessageProperties: SA
X-MS-Exchange-SenderADCheck: 0
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: nxptF20h1oY15iTNc+5hf9KxAPmClb4rbkYyX7bkjT4lCf5TIzyr1syRZ2G77SFXoLLTk+GXF0fZAxvv8oNLSmQBT1VHdGwTps4iW+biTDj0EAcQbjmJ7MuebVxNBRb4TPEIxDQMeF+lJdSG/HUhr+dhPJtq/A9LAKUz76o+Oyfw0YPtAYo50lKfEz5D/YDzeZ4CQLiKBI+in+Ab2/mVFVj0Xv7ZGrho4rJaoaHnkwTUmNkiKm+SfifPEwCLvl+jBkoOK0bXADFAjQbEiB+djncPisLvwgHa5iCyZnHZMug1B6VuUbFzDbX09dRRwjShODdTV48s9ocQ/4JYzvZDK36fZl9UIl7OcJWkP5btBvrHkh+q/z0KL0n+XCiyCcIqxUAKDbvhe+c9NX9F4RaWF36yJIC8jCF/xi5qUkQGGq9sEKPdRq6oJXVSaGPlyKoEPpjTgrifNUroadKo7yJwOURb9ipYLYUr+Gi2CxVqkfm1C1GpVaebUyNCjK3pjVE7TPPNLTuFe6KhnEOhyKrAFdLGWZzKpDxtD8rh9qJKqSatMHnMohncme56HTqmq+H08gUKN050Cezj0rIN0vi+HiK4UtHT5IqYae1wGACayqBt5ZaBvgp+vVfxgnnPbcT0OwR3hA+cHIjgWCkTZZeA5HvLyT+Bkf3o0LpHDY+LCl30wOHAE9wFMH8RRzUIWP9iZCpJC4tIRVnMI6SRXftNZg==
X-Forefront-Antispam-Report: CIP:209.85.219.42; CTRY:US; LANG:en; SCL:1; SRV:;
IPV:NLI; SFV:NSPM; H:mail-qv1-f42.google.com; PTR:mail-qv1-f42.google.com;
CAT:NONE;
SFS:(13230031)(4636009)(136003)(396003)(346002)(39860400002)(376002)(64100799003)(61400799006)(451199024)(48200799006)(83380400001)(75432002)(8676002)(5660300002)(33964004)(55446002)(42186006)(68406010)(70586007)(9686003)(54906003)(6666004)(786003)(498600001)(316002)(4326008)(6862004)(2906002)(356005)(7636003)(7596003)(26005)(336012)(83170400001);
DIR:OUT; SFP:1102;
X-Auto-Response-Suppress: DR, OOF, AutoReply
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Oct 2023 16:16:29.6001 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 76784d83-8b89-4ab7-3e2f-08dbd575bf09
X-MS-Exchange-CrossTenant-Id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002636A.namprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR01MB6424
X-OriginatorOrg: mitprod.onmicrosoft.com
X-Content-Filtered-By: Mailman/MimeDel 2.1.34
X-BeenThere: kerberos@mit.edu
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: The Kerberos Authentication System Mailing List <kerberos.mit.edu>
List-Unsubscribe: <https://mailman.mit.edu/mailman/options/kerberos>,
<mailto:kerberos-request@mit.edu?subject=unsubscribe>
List-Archive: <http://mailman.mit.edu/pipermail/kerberos/>
List-Post: <mailto:kerberos@mit.edu>
List-Help: <mailto:kerberos-request@mit.edu?subject=help>
List-Subscribe: <https://mailman.mit.edu/mailman/listinfo/kerberos>,
<mailto:kerberos-request@mit.edu?subject=subscribe>
X-Mailman-Original-Message-ID: <CALF+FNwtDrQ0d+a=zsXyiYq6rhOiXXkqoxUnscwum0Q0wchLJQ@mail.gmail.com>
X-Mailman-Original-References: <202310241950.39OJoa0Z000708@hedwig.cmf.nrl.navy.mil>
<3db2752e-565e-1f64-b354-9031a2fe9334@mit.edu> <ZTiT0ub2uv5A/b4E@ubby21>
<202310251251.39PCpTqc026799@hedwig.cmf.nrl.navy.mil>
<ZTk62q0DIAZmW0eL@ubby21>
 by: Jeffrey Hutzelman - Wed, 25 Oct 2023 16:16 UTC

On Wed, Oct 25, 2023, 11:59 Nico Williams <nico@cryptonector.com> wrote:

> On Wed, Oct 25, 2023 at 08:51:29AM -0400, Ken Hornstein wrote:
> > I think we've lost the thread here; I do not think that any krb5
> > mechanism today ever asserts PROT_READY before GSS_S_COMPLETE, but I
> > would love to be proven wrong.
>
> That's the whole point of being able to use the initiator sub-session
> key: to allow the Kerberos GSS mechanism to assert PROT_READY on the
> first call to GSS_Init_sec_context() even when mutual auth is requested.
>
> Yes, RFC 4121 didn't say so, but it's the point.
>

Yeah; IIRC that was to allow cases where the initiator would send the first
context token in the same packet/message with early data, such as a MIC
binding the exchange to some channel. In retrospect, perhaps it has caused
more trouble than it was worth. We didn't use this in RFC 4462 userauth,
which doesn't use mutual anyway.

In any case, I think the behavior Ken is seeing is that the initiator
doesn't even assert a subkey -- it always uses the ticket session key. That
seems... unfortunate.

-- Jeff

>

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor