Fix Version/s: 11
Compatibility Risk Description:The new etypes are not the most preferred one. Even if preferred, the KDC will always generate tickets and session keys that are known to be supported by all parties.
(I'd rather choose None but it's not allowed.)
Support the two new encryption types "aes128-cts-hmac-sha256-128" and "aes256-cts-hmac-sha384-192" as defined in RFC 8009.
The new encryption types are using stronger HMAC algorithms based on SHA256 and SHA384. Both MIT krb5 and Heimdal have supported them in their latest releases. The RFC was published on October 2016.
Adding support for the two new encryption types.
- Two new encryption type names defined:
- aes128-cts-hmac-sha256-128, etype number 19, with alias aes128-sha2
- aes256-cts-hmac-sha384-192, etype number 20, with alias aes256-sha2
- New aliases defined for existing encryption types:
- aes128-sha1 for aes128-cts-hmac-sha1-96
- aes256-sha1 for aes256-cts-hmac-sha1-96
- The new preference order will be "aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 des3-cbc-sha1 arcfour-hmac-md5 des-cbc-crc des-cbc-md5"
The names and preference order are the same with the latest release (1.15) of MIT krb5, the reference implementation of Kerberos 5.
These changes will be added into the JDK 11 version of https://docs.oracle.com/javase/8/docs/technotes/guides/security/jgss/jgss-api-mechanism.html. (Please note the JDK 9 doc on this topic is still in migration).