Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8274655

Consider disabling certain weak checksum types

    XMLWordPrintable

    Details

      Description

      In, RFC 6649 and 8429:

         Kerberos implementations and deployments SHOULD NOT implement or
         deploy the following checksum types: CRC32(1), RSA-MD4(2),
         RSA-MD4-DES(3), DES-MAC(4), DES-MAC-K(5), RSA-MD4-DES-K(6),
         RSA-MD5-DES(8) (updates [RFC4120]).

         Kerberos implementations and deployments SHOULD NOT implement or
         deploy the following checksum types: RSA-MD5(7), RSA-MD5-DES3(9),
         HMAC-SHA1-DES3-KD(12), and HMAC-SHA1-DES3(13) (updates [RFC3961] and
         [RFC4120]).

      While we do not create these checksum types ourselves (when allow_weak_crypto = false and no default_checksum), we still accept them in incoming messages. This is not a security issue because they are always embedded in either an encrypted Authenticator or an encrypted PA-FOR-USER-ENC.

      That said, we can consider adding a new setting to reject them as well.

      Note: PA-FOR-USER-ENC is defined to always use CKSUMTYPE_HMAC_MD5_ARCFOUR and it should be able to use it even if this setting is introduced.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            weijun Weijun Wang
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: