[cifs-protocol] [REG:115021012380586] Timer events in MS-BKRP - when should we roll over keys?

Edgar Olougouna edgaro at microsoft.com
Thu Mar 19 15:19:49 MDT 2015


Andrew,
MS-BKRP will be updated to reflect the following. 
The current (preferred) key is rolled over 90 days from creation, this is non configurable in Windows. When a new key is created, the expiration date of 90 days is calculated and saved with the associated key guid. Expiration is detected when the key is used (attempted to be used) for encryption. If the key has expired, key roll over should occur and encryption creates and uses a new key. Expired keys remain available for decryption only. Encryption only uses the preferred key. 
Thanks again for helping us improve the specs.

Thanks,
Edgar

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org] 
Sent: Thursday, February 12, 2015 5:58 PM
To: Edgar Olougouna
Cc: cifs-protocol at lists.samba.org; MSSolve Case Email
Subject: Re: [REG:115021012380586] Timer events in MS-BKRP - when should we roll over keys?

On Wed, 2015-02-11 at 12:21 +1300, Andrew Bartlett wrote:
> On Tue, 2015-02-10 at 22:04 +0000, Edgar Olougouna wrote:
> > Andrew,
> > I will take a look and follow-up. 
> > Considering that NotBefore/NotAfter properties specify the date 
> > range within which the certificate is valid, are you asking whether 
> > this is any renewal upon/after expiry?
> 
> Yes.
> 
> > I need to look at how the certificate is generated in the first 
> > place, perhaps the protocol has some error condition that would 
> > trigger refreshing the certificate, unless this is outside the 
> > protocol I will find out.
> > I am trying to get a good scope of what you mean by "roll over keys".
> 
> So, the above, and for the symmetric keys the general principle in 
> cryptography that you try not to use the same key forever, because it 
> could be broken, and that would expose everything.
> 
> The protocol clearly has scope for the preferred key to change 
> (decrypt old data with old keys, but encrypt new data with a new key), 
> but as described, it never would.

BTW, I tried to manually roll over the keys by deleting G$BCKUPKEY_P, but it appears to cache it at runtime, as no new G$BCKUPKEY_P appeared until I rebooted the server.

Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba
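The key-lifecycle rules Edgar states above (90-day lifetime saved with the key GUID, expiry checked only on the encryption path, rollover creating a new preferred key, expired keys kept for decryption only) can be modelled in a few lines. The following is an added illustration written for this page, not code from the thread, from Samba or from Microsoft: the `BackupKeyStore` class, the injected `Clock`, and the HMAC-SHA256 counter-mode keystream are all constructed for the example and are not MS-BKRP's real key format or wrapping algorithm.

```python
import hashlib
import hmac
import os
import uuid
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Rollover period stated in the message; not configurable in Windows.
KEY_LIFETIME = timedelta(days=90)


@dataclass
class BackupKey:
    guid: uuid.UUID      # expiry is stored alongside the key's GUID
    secret: bytes
    created: datetime
    expires: datetime


class Clock:
    """Injectable clock so a simulation can move time forward (constructed for the example)."""

    def __init__(self, start: datetime):
        self.now = start

    def __call__(self) -> datetime:
        return self.now

    def advance(self, delta: timedelta) -> None:
        self.now += delta


class BackupKeyStore:
    """Toy model of the preferred/expired key policy (hypothetical, not the MS-BKRP data model)."""

    def __init__(self, now):
        self._now = now
        self.keys: dict[uuid.UUID, BackupKey] = {}
        self.preferred: uuid.UUID | None = None
        self._roll_over()  # first key is created on demand, with its 90-day expiry

    def _roll_over(self) -> BackupKey:
        created = self._now()
        key = BackupKey(uuid.uuid4(), os.urandom(32), created, created + KEY_LIFETIME)
        self.keys[key.guid] = key      # older keys are never removed
        self.preferred = key.guid      # only the newest key is preferred
        return key

    @staticmethod
    def _keystream(secret: bytes, nonce: bytes, length: int) -> bytes:
        # HMAC-SHA256 in counter mode: an illustrative PRF-based stream, not the protocol's wrapping.
        out, counter = b"", 0
        while len(out) < length:
            out += hmac.new(secret, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
            counter += 1
        return out[:length]

    def encrypt(self, plaintext: bytes):
        """Expiry is detected here, on the encryption path, and triggers rollover."""
        key = self.keys[self.preferred]
        if self._now() >= key.expires:
            key = self._roll_over()
        nonce = os.urandom(16)
        stream = self._keystream(key.secret, nonce, len(plaintext))
        return key.guid, nonce, bytes(a ^ b for a, b in zip(plaintext, stream))

    def decrypt(self, guid: uuid.UUID, nonce: bytes, ciphertext: bytes) -> bytes:
        """Any stored key decrypts, expired or not; decryption never rolls keys over."""
        key = self.keys[guid]
        stream = self._keystream(key.secret, nonce, len(ciphertext))
        return bytes(a ^ b for a, b in zip(ciphertext, stream))


def simulate() -> dict:
    """Walk through one full lifetime: encrypt, pass 90 days, decrypt old data, encrypt again."""
    clock = Clock(datetime(2015, 3, 19, tzinfo=timezone.utc))  # constructed start date
    store = BackupKeyStore(clock)
    guid1, nonce1, ct1 = store.encrypt(b"secret one")
    clock.advance(timedelta(days=91))
    old_after_expiry = store.decrypt(guid1, nonce1, ct1)  # still works, no rollover yet
    keys_before_encrypt = len(store.keys)
    guid2, nonce2, ct2 = store.encrypt(b"secret two")     # expiry noticed here, new key created
    return {
        "keys_before_encrypt": keys_before_encrypt,
        "keys_after": len(store.keys),
        "rolled": guid2 != guid1 and store.preferred == guid2,
        "old_decrypts": old_after_expiry,
        "old_still_decrypts": store.decrypt(guid1, nonce1, ct1),
        "new_decrypts": store.decrypt(guid2, nonce2, ct2),
    }


if __name__ == "__main__":
    print(simulate())
```

The point the model makes explicit is the one Andrew was probing for: nothing in the store is driven by a timer. A key that has passed its expiry sits unchanged, and old ciphertext remains decryptable, until the next encryption request notices the expiry and creates the new preferred key; that is also consistent with the observation that deleting the on-disk key had no effect until the cached copy was dropped on reboot.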
