logo_kerberos.gif

Difference between revisions of "User:TomYu/PKINIT notes"

From K5Wiki
Jump to: navigation, search
(New page: == Diffie-Hellman == * Oakley MODP groups (used in PKINIT) have safe primes as moduli ** These primes don't satisfy the OpenSSL DH_check() tests, so there can be some confusion when debug...)
(No difference)

Revision as of 16:35, 8 April 2013

Diffie-Hellman

  • Oakley MODP groups (used in PKINIT) have safe primes as moduli
    • These primes don't satisfy the OpenSSL DH_check() tests, so there can be some confusion when debugging
    • The generator generates the subgroup of order q instead of the whole group. (OpenSSL wants it to generate the whole group -- the test is p = 11 mod 24, which includes the test p = 3 mod 8, which is false if 2 is a quadratic residue mod p.)
  • Windows 7 clients omit the q value in DomainParameters when sending PA-PK-AS-REQ [krbdev.mit.edu #7596]
  • Even after allowing the omission of the q value, Windows 7 doesn't seem to deal with Diffie-Hellman group negotiation. (The KDC has to accept the 1024-bit modulus, because the counterproposal of the 2048-bit modulus fails on the client somehow.)