Score:0

Why are des-cbc-hmac and rc4-hmac-exp considered weak in kerberos?

cn flag
adi

Kerberos uses des-cbc-hmac (mac and encrypt) and rc4-hmac-exp based on md5 (mac and encrypt I think) in their encryptions.

Those encryptions are considered as weak and should not be used. Why are they considered as weak? What attacks can be launched against those encryptions?

Score:2
ng flag
hft

Kerberos uses des-cbc-hmac (mac and encrypt) and rc4-hmac-exp based on md5 (mac and encrypt I think) in their encryptions.

Those encryptions are considered as weak and should not be used. Why are they considered as weak? What attacks can be launched against those encryptions?

Regarding the ciphers:

  • DES is considered to be a weak block cipher because the key length is relatively short. This is one reason why "triple DES" (3DES) was created.
  • RC4 is a stream cipher that suffers from a variety of different vulnerabilities detailed, for example, on the RC4 Wikipedia page.

Regarding the cipher mode: Cipher block chaining (CBC) is not easily parallelizable, so other modes like CCM or GMC might be preferred.

Regarding authenticated encryption: It is usually accepted that "encrypt then MAC" is better than "MAC then encrypt" and both are better than "MAC and encrypt." See, for example, section 5.3 of Introduction to Modern Cryptography (3rd Edition) by Katz and Lindell. Those authors use the terms "encrypt-and-authenticate" vs "authenticate-then-encrypt" vs "encrypt-then-authenticate."

adi avatar
cn flag
adi
I see. But does not the authenticated encryption protect it from these attacks?
hft avatar
ng flag
hft
Which attacks? For example, the DES block cipher has a weak/short key length regardless of the mode and regardless of the authenticated encryption scheme.
adi avatar
cn flag
adi
I see, so the attacker can read the data. Same thing for the rc4. But can he change the data in some way - does not the mac protect it?
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.