4,453
社区成员
发帖
与我相关
我的任务
分享Kerberos 里面的 salt code 是个啥东西?
kerberos 里面的 salt code 是个啥东西? 偶的作业,就着个地方有疑点,大侠多指点。
...全文
请发表友善的回复…
发表回复
Cixy 2004-10-14
- 打赏
- 举报
sutulp...............my email is ts644, I'd like to be your new friend:)
Cixy 2004-09-17
- 打赏
- 举报
不能给自己分?!。。。多问个好了
DES里每轮的f(k,r)到底干了什么?
DES里每轮的f(k,r)到底干了什么?
Cixy 2004-09-17
- 打赏
- 举报
盐码,捣乱用的,能降低字典攻击的成功率
唉~~~楼上的,适当的给点分你吧,虽然你说的那个是ticket
唉~~~楼上的,适当的给点分你吧,虽然你说的那个是ticket
sutulp 2004-09-17
- 打赏
- 举报
salt code是随机数,因为密码太短了要加长保证安全。
PS怎么不在webct里面问呢?跑这里来?
PS怎么不在webct里面问呢?跑这里来?
mgphuang 2004-09-16
- 打赏
- 举报
指票据吧。认证过后的结果,里面有访问资源的列表和时间戳等。
Cixy 2004-09-15
- 打赏
- 举报
唉,发上来就变了。。。不知道能不能有帮助,总之盼回复了
Cixy 2004-09-15
- 打赏
- 举报
Keys, passwords, and salts should be stored in proper ¯les, companied along with the correspond-
ing program. For example, AS's key ¯le(s), password ¯le, and salt ¯le should be placed in the
directory where the AS's program resides (see later description on the directory organisation).
Your simple \Kerberos" protocol is given below:
0. User enters his username (U) and password (pw) to C.
1. C ! AS: U, c.
c = pw © s © (SkTimestamp).
© denotes XOR. Repeat pw and s if the size of not su±cient.
k denotes a bitwise concatenation.
s is the corresponding salt code.
AS can decrypt c with c © pw © s = SkTimestamp.
2. AS ! C: c2.
c2 = pw © s © Signdas(kcs; Timestamp); Ticket,
where Ticket = Ees(Signdas(kcs;C; Timestamp)).
Signx(M) denotes the signature on M signed with private key x.
Ey(M) denotes the encryption of M using public key y.
1
Timestamp is the current system time.
kcs is the session key that will be shared between C and S.
C decrypts c2 with pw and s, i.e., c2 ©pw ©s = Signdas(kcs; Timestamp). C then veri¯es
the signature with the public key of AS. If fails, an error message should pop up. Note
that Signdas(kcs; Timestamp) represents the parameter, signed part, and the message.
3. C ! S: Ticket.
S decrypts it using its corresponding private key ds and then veri¯es the signature.
4. S ! C: kcs © Connected,
which is then decrypted and \Connected" is then displayed in Client's screen.
5. C ! S: Message © kcs.
Upon receiving it, S decrypts it to obtain Message which could be any string.
6. S ! C: (Got Message) © kcs.
The \Got Message" will be printed on the client's screen, after decryption.
Steps 5 and 6 can be repeated until the user enters exit.
For simplicity, we have utilised XOR as a symmetric-key cipher.
The program must be implemented by incorporating TCP socket programming (either in C++
or Java). The examples of TCP sockets for both C++ and Java are provided (see the WebCT).
ing program. For example, AS's key ¯le(s), password ¯le, and salt ¯le should be placed in the
directory where the AS's program resides (see later description on the directory organisation).
Your simple \Kerberos" protocol is given below:
0. User enters his username (U) and password (pw) to C.
1. C ! AS: U, c.
c = pw © s © (SkTimestamp).
© denotes XOR. Repeat pw and s if the size of not su±cient.
k denotes a bitwise concatenation.
s is the corresponding salt code.
AS can decrypt c with c © pw © s = SkTimestamp.
2. AS ! C: c2.
c2 = pw © s © Signdas(kcs; Timestamp); Ticket,
where Ticket = Ees(Signdas(kcs;C; Timestamp)).
Signx(M) denotes the signature on M signed with private key x.
Ey(M) denotes the encryption of M using public key y.
1
Timestamp is the current system time.
kcs is the session key that will be shared between C and S.
C decrypts c2 with pw and s, i.e., c2 ©pw ©s = Signdas(kcs; Timestamp). C then veri¯es
the signature with the public key of AS. If fails, an error message should pop up. Note
that Signdas(kcs; Timestamp) represents the parameter, signed part, and the message.
3. C ! S: Ticket.
S decrypts it using its corresponding private key ds and then veri¯es the signature.
4. S ! C: kcs © Connected,
which is then decrypted and \Connected" is then displayed in Client's screen.
5. C ! S: Message © kcs.
Upon receiving it, S decrypts it to obtain Message which could be any string.
6. S ! C: (Got Message) © kcs.
The \Got Message" will be printed on the client's screen, after decryption.
Steps 5 and 6 can be repeated until the user enters exit.
For simplicity, we have utilised XOR as a symmetric-key cipher.
The program must be implemented by incorporating TCP socket programming (either in C++
or Java). The examples of TCP sockets for both C++ and Java are provided (see the WebCT).
