3.4. The KRB_SAFE Exchange
Overview
The KRB_SAFE message provides integrity protection for application data exchanged between principals. It does not provide confidentiality: the data is sent in cleartext but protected by a keyed checksum.
Purpose
KRB_SAFE is used when:
- Integrity protection is required
- Confidentiality is not needed
- Lower overhead than encryption is desired
Message Structure
KRB_SAFE contains:
- User data (in cleartext)
- Timestamp (for replay detection)
- Sequence number (optional)
- Sender and recipient addresses (optional)
- Keyed checksum (provides integrity)
Generation of KRB_SAFE Message
Sender:
- Constructs message with user data
- Adds timestamp and optional sequence number
- Computes keyed checksum over entire message
- Transmits message with checksum
Receipt of KRB_SAFE Message
Receiver:
- Recomputes checksum using shared key
- Compares computed checksum with received checksum
- Verifies timestamp (replay protection)
- Checks sequence number if used
- Accepts or rejects message based on validation
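The generation and receipt steps above, as an added example that is not taken from the RFC or from this page. It assumes HMAC-SHA-256 in place of a Kerberos checksum type, a fixed-width encoding in place of ASN.1, a 300-second acceptance window, and a sequence number that is always present; `make_safe` and `SafeReceiver` are hypothetical names.

```python
import hashlib
import hmac
import struct

MAX_SKEW = 300  # seconds; assumed acceptance window for this example
HDR = struct.Struct(">QI")  # constructed layout: 8-byte timestamp, 4-byte sequence number
MAC_LEN = hashlib.sha256().digest_size


def make_safe(key: bytes, data: bytes, timestamp: int, seq: int) -> bytes:
    """Sender: cleartext data plus timestamp and sequence number, then keyed checksum."""
    body = HDR.pack(timestamp, seq) + data
    return body + hmac.new(key, body, hashlib.sha256).digest()


class SafeReceiver:
    def __init__(self, key: bytes, next_seq: int):
        self.key = key
        self.next_seq = next_seq
        self.seen = set()  # replay cache; entries older than MAX_SKEW could be pruned

    def accept(self, msg: bytes, now: int) -> bytes:
        """Return the user data, or raise ValueError naming the check that failed."""
        if len(msg) < HDR.size + MAC_LEN:
            raise ValueError("truncated")
        body, received = msg[:-MAC_LEN], msg[-MAC_LEN:]
        # Recompute the checksum with the shared key before trusting any field.
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, received):  # constant-time compare
            raise ValueError("checksum mismatch")
        timestamp, seq = HDR.unpack(body[:HDR.size])
        if abs(now - timestamp) > MAX_SKEW:
            raise ValueError("timestamp outside skew window")
        if (timestamp, seq) in self.seen:
            raise ValueError("replay")
        if seq != self.next_seq:
            raise ValueError("unexpected sequence number")
        self.seen.add((timestamp, seq))
        self.next_seq += 1
        return body[HDR.size:]
```

The checksum is verified first so that the timestamp and sequence number are only interpreted once the message is known to come from a holder of the shared key.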
Security Properties
- Integrity: Keyed checksum prevents undetected tampering; a modified message fails checksum verification
- Replay Protection: Timestamp and, if used, sequence number
- No Confidentiality: Data is transmitted in cleartext
Reference
For complete technical details, refer to RFC 4120 Section 3.4.