First page Back Continue Last page Summary Graphics
Case Study: Kerberized telnet
The DES library wanted 56-bit keys plus proper parity, in a 64-bit number.
The generate a 64-bit random key code used by telnet didnt set the parity bits properly.
When handed a bad key, the DES library treated the key as all zeroes.
With probability 255/256, the session was encrypted with a known, constant key!