GSSAPI FIPS compliant AES encryption

Griff James 1

Are there any plans in the pipeline to update MSFT's GSSAPI implementation to add support for AES-256 encryption?

I know that no RFC currently exists for this, the strongest session key supported by the RFCs is 3DES which is deprecated.

On a related note the NTLMv2, SMB and NETLOGON protocols are also lagging behind with only AES-128 being supported. Any plans to update these as well?

thx

Jeff McCashland 476 Reputation points Microsoft Employee

2022-12-15T17:41:01.393+00:00

Hello @Griff James ,

Encryption in GSSAPI is done by implementation libraries used by GSS wrappers. The implementation libraries may be updated without changing the wrappers. For example, Kerberos initially didn’t support AES encryption types, however support was added later while the wrapper essentially stayed the same.

Your comment about NETLOGON supporting only AES-128 at this time is correct. However, SMB currently has support for AES-256. As we add features and tighten security, you’ll see support for stronger encryption types in the products, but not all products will adopt them at the same time. Beyond that, we cannot comment on specific future plans.

If you have a specific question or problem around the lack of AES-256 encryption, please provide more details about your issue so that we can investigate further.

Thank you,
Jeff McCashland
Microsoft Open Specifications

Share via

GSSAPI FIPS compliant AES encryption

Your answer