- ...
key1
- Secret and private are often used
interchangeably in the literature. In our usage, it takes two (or
more) to share a secret, thus a shared DES key is a secret key.
Something is only private when no one but its owner knows it. Thus,
in public key cryptosystems, one has a public and a private key.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
- ...credentials.2
- In Kerberos V4, the ``ticket file'' was a bit of
a misnomer, since it contained both tickets and their associated session
keys. In Kerberos V5, the ``ticket file'' has been renamed to be the
credentials cache.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
- ...
guar\-an\-teed3
- Using
krb5_mk_safe and krb5_rd_safe to create and
verify KRB5_SAFE messages
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
- ... checksum4
- aka cryptographic checksum,
elsewhere this is called a hash or digest function
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
- ... secured5
- Using
krb5_mk_priv and krb5_rd_priv to create and
verify KRB5_PRIV messages
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
- ...
path6
- An authentication path is the sequence of
intermediate realms that are transited in communicating from one realm
to another.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
- ...
communicates7
- A realm is said to communicate with
another realm if the two realms share an inter-realm key
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
- ... paths8
- These might be established to make communication
between two realms more efficient
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
- ...
KEYTYPE_NULL,9
- See RFC section 6.3.1
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
- ...
KEYTYPE_DES.10
- See RFC section 6.3.4
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
- ... there11
- i.e., srvtab file in
Kerberos V4 parlance
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.