Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Whoa...I did a 'zcat /vmlinuz > /dev/audio' and I think I heard God... -- mikecd on #Linux


devel / comp.protocols.kerberos / Using PKINIT with ECC

SubjectAuthor
o Using PKINIT with ECCGoetz Golla

1
Using PKINIT with ECC

<mailman.52.1700108746.2263420.kerberos@mit.edu>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=430&group=comp.protocols.kerberos#430

 copy link   Newsgroups: comp.protocols.kerberos
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!tncsrv06.tnetconsulting.net!.POSTED.mailman.mit.edu!not-for-mail
From: mit...@sec4mail.de (Goetz Golla)
Newsgroups: comp.protocols.kerberos
Subject: Using PKINIT with ECC
Date: Thu, 16 Nov 2023 05:22:25 +0100
Organization: TNet Consulting
Lines: 78
Message-ID: <mailman.52.1700108746.2263420.kerberos@mit.edu>
References: <8984fe41-f9a0-434b-a09c-df2bc88125dc@sec4mail.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: tncsrv06.tnetconsulting.net; posting-host="mailman.mit.edu:18.7.21.50";
logging-data="28337"; mail-complaints-to="newsmaster@tnetconsulting.net"
User-Agent: Mozilla Thunderbird
To: kerberos@mit.edu
DKIM-Filter: OpenDKIM Filter v2.11.0 unknown-host (unknown-jobid)
Authentication-Results: mailman.mit.edu;
dkim=pass (1024-bit key, unprotected) header.d=mitprod.onmicrosoft.com
header.i=@mitprod.onmicrosoft.com header.a=rsa-sha256
header.s=selector2-mitprod-onmicrosoft-com header.b=GDRoNWO8;
dkim=pass (2048-bit key,
unprotected) header.d=sec4mail.de header.i=@sec4mail.de header.a=rsa-sha256
header.s=default header.b=fLoC2Ccq
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=ZMUtwJrmPDBQp/DAzDm//quY/2RQgpeZLLkCLxg8ByJbjnc7P9DgM0SFuTYkuTC/nVFBhC/CtLFuxwsk4SmX71xBtLumXFLjnNfVjXLauS1Finry1MiXgVArOKs2OHE6f+20lbdLsI5hCIhERjd1mnDVIiKAzjduzBrf8XvzTlLzko176vAtNRbEoOhTP3qoiPMFfO8kb8u5fVde4N9QwJ4oyPYv4UcAVA/maIViPP7pSP8DiJtq2SkrBs7v39xvtekxFYF2JOof/fBnq3vxgzZQrmlJOYCbZcPA4xTF2XmszqSV7fHRfo/L3n8KupcDLa55cPAsetquPaBagpE02Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=zPqU3gpgn275RHY/H5Rj7PCXuUJaD0NB8z+ksWMRceI=;
b=Jx3icueXDW6h4Fk9tHLil/3ALnu2bEnOS21oIOoJyOcZfimXJCZnWtU+7uToh/BiHH328hBo/k8VuWFH1wwyB+UJRgD0E+eJULh9KIttu1Uom3VpNsoAXi0+56jHkFTP8Tk8um9zjLM5jcR8tVg4nJXdEe5iwTfsHEfPwvZ//5iXaLCmTuwcuTsUSpL2waMvX/sTRD6PhJS4Jan+DPnMXnvn7ykGSs/wRcnKXj5apEewtd0L/ac217BUysLA+tdLQ8o0wInhzgAEATOvhorQdmKeW3J6p+POKk/WtHCQVIxNItc0RkfUaskLYKbG+/HNafJQHNunO22ZSddmXQpDJA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
31.220.85.254) smtp.rcpttodomain=mit.edu smtp.mailfrom=sec4mail.de;
dmarc=bestguesspass action=none header.from=sec4mail.de; dkim=pass (signature
was verified) header.d=sec4mail.de; arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=mitprod.onmicrosoft.com; s=selector2-mitprod-onmicrosoft-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=zPqU3gpgn275RHY/H5Rj7PCXuUJaD0NB8z+ksWMRceI=;
b=GDRoNWO83rpuB+DOGpWZwzbaWLfn1DLCXvbT1PutkKJxL4KYha9Uu4qdC+COXyMRyGDnXznwwSBcIddEnMM1Sfbnl/5UgBe9c3FLlRMaF29521o8W4LcEIbC4DaOO075siADxquBO+m9xs53uMiolVD/iC3k9mwNE14np6y4fHc=
Authentication-Results: spf=pass (sender IP is 31.220.85.254)
smtp.mailfrom=sec4mail.de; dkim=pass (signature was verified)
header.d=sec4mail.de; dmarc=bestguesspass action=none header.from=sec4mail.de;
Received-SPF: Pass (protection.outlook.com: domain of sec4mail.de designates
31.220.85.254 as permitted sender) receiver=protection.outlook.com;
client-ip=31.220.85.254; helo=vmd109154.contaboserver.net; pr=C
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sec4mail.de;
s=default; t=1700108545;
bh=g+Au+SsT0g1Mb+qq1Uy9og4lrq3mw3CL4Ru4Rx3nrAg=;
h=Date:From:Subject:To:From;
b=fLoC2Ccq2Yr4iymf0p2rvNiA1NrafIWcrz0LLec9V0hSpE/OsSlH4SB7XxCnUQPbn
PvcO6KfrxUXsIxL+VzUdDFFaWx4jIgVZXg7vy80A5mnm1J+esYRD7phzl2D4Q9/FQp
ZTZUYYXru+nxJiRmBFoR0v0jh/spxqdVEu38SOLw8sERBe6o8mNXCS3tSsrLcK5iyn
qOw/2nm48RDHtqOZ6U0sfeyz96bJ5PKQoiLdndHe2572nQpM7iksCgWZAkBE1gXrVI
y/+MXuLgSWVve23coNGVnm6wolYmK9lRMbTkhXxnVMgmevTLulZMXNdi6hG4ZvMySd
peb//eZf95oFA==
Content-Language: en-US
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b:0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: MN1PEPF0000ECDB:EE_|BY3PR01MB6753:EE_
X-MS-Office365-Filtering-Correlation-Id: 61e5b5d8-5569-45c3-0ffa-08dbe65ba414
X-LD-Processed: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b,ExtAddr
X-MS-Exchange-AtpMessageProperties: SA
X-MS-Exchange-SenderADCheck: 0
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: wFmskkrFG6fhqklEy9kdggRsRrtvIVNmGUbafSK7oHPueabu7XjqWhSPzDub/vFbCCJ7JZPGsTJ2j5RY7GgYsTb546phiteR75Q/yk8FcmplHiFhVeUD00DPfs37ichZmI3UHBHX7O1DWTcHWfSP5uCoo0I79i2Itx2EqVMD/YmwyDOOmJF23dI8nZgWVxl59VWKVw/7JMlUrVj7FdZfErp5ZGZDZZ2g2yuLVIEEKStZSA/17qw5C0TSjeE2HGW6kztL1rp2VwKIDcXSI+NG8OvZA0S5itF+qVP7ossnhIbvMt3jBePPNHBW3WdWOSoaUckQA+FWxKJQdlsBaNCIpJNYFFMeqO/iHIIUhx+Y9FDXHCzlt2RTH5tqgoWxcesjKE+HqD9FFXEZ1Dizpo4W3ZIi4Zr9sDaI/MK2c6f7VOR4MtipsTgr4LS6rvJIXRH9M+qXNxwNevdmcxwFgqicIX2NSLMwu6MaIuB1VrwqZ7wbU2Y27TOX3IQ26RgFqAb3garnQ1Z4F4D1P65yj0sMcD5FY+PDX+JTeGs6/hl8I2Hh3JdUmlg+j1XI2l8Pw7vEYiUWCZkuLYT2AIBUf+S0nhuozJgIJxCWfl9WPC9XQQ532CJU4u4tBmMDLOI1XqEvYvftIduvrFZ9mEo5gxSum3kcPPw+vWll0xY9FWUr2celtsFfyjzcuz2XCavoWmn/9Uf8AlywTznsM3vgtJWKMlUjIj+FmVHTRmgaNxswmpg=
X-Forefront-Antispam-Report: CIP:31.220.85.254; CTRY:DE; LANG:en; SCL:1; SRV:;
IPV:NLI; SFV:NSPM; H:vmd109154.contaboserver.net;
PTR:vmd109154.contaboserver.net; CAT:NONE;
SFS:(13230031)(4636009)(396003)(39860400002)(376002)(346002)(136003)(64100799003)(48200799006)(61400799009)(451199024)(2906002)(2616005)(34206002)(36756003)(6266002)(8676002)(336012)(26005)(956004)(31686004)(6966003)(31696002)(86362001)(5660300002)(316002)(786003)(68406010)(70586007)(498600001)(3480700007)(7636003)(356005)(7596003)(83380400001)(66899024)(43740500002);
DIR:OUT; SFP:1102;
X-Auto-Response-Suppress: DR, OOF, AutoReply
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Nov 2023 04:22:27.0060 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 61e5b5d8-5569-45c3-0ffa-08dbe65ba414
X-MS-Exchange-CrossTenant-Id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-AuthSource: MN1PEPF0000ECDB.namprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY3PR01MB6753
X-OriginatorOrg: mitprod.onmicrosoft.com
X-BeenThere: kerberos@mit.edu
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: The Kerberos Authentication System Mailing List <kerberos.mit.edu>
List-Unsubscribe: <https://mailman.mit.edu/mailman/options/kerberos>,
<mailto:kerberos-request@mit.edu?subject=unsubscribe>
List-Archive: <http://mailman.mit.edu/pipermail/kerberos/>
List-Post: <mailto:kerberos@mit.edu>
List-Help: <mailto:kerberos-request@mit.edu?subject=help>
List-Subscribe: <https://mailman.mit.edu/mailman/listinfo/kerberos>,
<mailto:kerberos-request@mit.edu?subject=subscribe>
X-Mailman-Original-Message-ID: <8984fe41-f9a0-434b-a09c-df2bc88125dc@sec4mail.de>
 by: Goetz Golla - Thu, 16 Nov 2023 04:22 UTC

Hello there,

in our organisation we are successfully using PKINIT with RSA 2048
client certificates for many years. We are now trying to move to ECC
certificates with the curve secp384r1.

All attempts have been unsuccessful yet.

We are using the Kerberos Version 1.17.x that comes with Ubuntu 20.04,
and we are living in a linux only datacenter.

Tracing kinit gives the following anonymized result.

[11061] 1700039487.898263: Getting initial credentials for user@REALM
[11061] 1700039487.898265: Sending unauthenticated request
[11061] 1700039487.898266: Sending request (187 bytes) to REALM
[11061] 1700039487.898267: Sending initial UDP request to dgram ip:88
[11061] 1700039487.898268: Received answer (323 bytes) from dgram ip:88
[11061] 1700039487.898269: Response was from master KDC
[11061] 1700039487.898270: Received error from KDC:
-1765328359/Additional pre-authentication required
[11061] 1700039487.898273: Preauthenticating using KDC method data
[11061] 1700039487.898274: Processing preauth types: PA-PK-AS-REQ (16),
PA-PK-AS-REP_OLD (15), PA-PK-AS-REQ_OLD (14), PA-FX-FAST (136),
PA-ETYPE-INFO2 (19), PA-PKINIT-KX (147), PA-ENC-TIMESTAMP (2),
PA_AS_FRESHNESS (150), PA-FX-COOKIE (133)
[11061] 1700039487.898275: Selected etype info: etype aes256-cts, salt
"REALMuser", params ""
[11061] 1700039487.898276: Received cookie: MIT
[11061] 1700039488.76900: Preauth module pkinit (147) (info) returned:
0/Success
[11061] 1700039488.76901: PKINIT client received freshness token from KDC
[11061] 1700039488.76902: Preauth module pkinit (150) (info) returned:
0/Success
[11061] 1700039491.317246: PKINIT loading CA certs and CRLs from DIR
[11061] 1700039491.317247: PKINIT client computed kdc-req-body checksum
9/CE1E7C16A71A8DC285A707FB43CB8DEF7EC184F0
[11061] 1700039491.317249: PKINIT client making DH request
[11061] 1700039491.317250: Preauth module pkinit (16) (real) returned:
-1765328360/Preauthentication failed
[11061] 1700039491.317251: PKINIT client ignoring draft 9 offer from RFC
4556 KDC
[11061] 1700039491.317252: Preauth module pkinit (15) (real) returned:
-1765328360/Preauthentication failed
[11061] 1700039491.317253: PKINIT client ignoring draft 9 offer from RFC
4556 KDC
[11061] 1700039491.317254: Preauth module pkinit (14) (real) returned:
-1765328360/Preauthentication failed
[11061] 1700039492.894873: AS key obtained for encrypted timestamp:
aes256-cts/CAD7
[11061] 1700039492.894875: Encrypted timestamp (for 1700039492.190872):
plain 301AA011180F32303233313131353039313133325AA105020302E998,
encrypted
930F652AFE54AD71886006DD4D8AE2E016970562C3772564DD1F6B70245B331CD06CBCAD3A6FB4B9CC577A070A099B3863C8A93FA02EA74C
[11061] 1700039492.894876: Preauth module encrypted_timestamp (2) (real)
returned: 0/Success

[11061] 1700039492.894877: Produced preauth for next request:
PA-FX-COOKIE (133), PA-ENC-TIMESTAMP (2)

For the following questions we did not find any answers in the MIT
Kerberos documentation:

* Does MIT Kerberos support PKINIT with Elliptic Curves as described
in RFC 5349 ?
* Could it be that for ECC client certificates the KDC certificate
also needs the be ECC ?
* If thats true, how can we than migrate from RSA to ECC certificates
for PKINIT ?

Any help is appreciated.

Regards,

Goetz

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor