JDK-8193851

Support AES Encryption with HMAC-SHA2 for Kerberos 5 defined in RFC 8009


    • CSR
    • Resolution: Approved
    • P3
    • 11
    • security-libs
    • None
    • minimal
      The new etypes are not the most preferred ones. Even if preferred, the KDC will always generate tickets and session keys that are known to be supported by all parties.

      (I'd rather choose None but it's not allowed.)
    • Other
    • Implementation

      Summary

      Support the two new encryption types "aes128-cts-hmac-sha256-128" and "aes256-cts-hmac-sha384-192" as defined in RFC 8009.

      Problem

      The new encryption types use stronger HMAC algorithms based on SHA256 and SHA384. Both MIT krb5 and Heimdal support them in their latest releases. The RFC was published in October 2016.

      Solution

      Add support for the two new encryption types.

      Specification

      • Two new encryption type names defined:
        • aes128-cts-hmac-sha256-128, etype number 19, with alias aes128-sha2
        • aes256-cts-hmac-sha384-192, etype number 20, with alias aes256-sha2
      • New aliases defined for existing encryption types:
        • aes128-sha1 for aes128-cts-hmac-sha1-96
        • aes256-sha1 for aes256-cts-hmac-sha1-96
      • The new preference order will be "aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 des3-cbc-sha1 arcfour-hmac-md5 des-cbc-crc des-cbc-md5"

      The names and preference order are the same as in the latest release (1.15) of MIT krb5, the reference implementation of Kerberos 5.

      These changes will be added into the JDK 11 version of https://docs.oracle.com/javase/8/docs/technotes/guides/security/jgss/jgss-api-mechanism.html. (Please note the JDK 9 doc on this topic is still in migration).
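
The following is an added example, not JDK source code: it resolves an etype list using the names and aliases specified above and shows why the default order keeps selecting a SHA-1 etype unless the SHA-2 types are listed first. The class and method names are hypothetical, the numbers for the pre-existing etypes are the IANA-assigned values rather than values from this page, and "first client-preferred etype the peer supports" is a simplified model of selection.

```java
import java.util.*;

// Added example, not JDK source. Class and method names are hypothetical.
public class EtypePreference {
    static final Map<String, Integer> ETYPES = new LinkedHashMap<>(); // new default order
    static final Map<String, String> ALIASES = new HashMap<>();
    static {
        ETYPES.put("aes256-cts-hmac-sha1-96", 18);    // 18, 17, 16, 23, 1, 3: IANA numbers
        ETYPES.put("aes128-cts-hmac-sha1-96", 17);
        ETYPES.put("aes256-cts-hmac-sha384-192", 20); // 20 and 19: from this specification
        ETYPES.put("aes128-cts-hmac-sha256-128", 19);
        ETYPES.put("des3-cbc-sha1", 16);
        ETYPES.put("arcfour-hmac-md5", 23);
        ETYPES.put("des-cbc-crc", 1);
        ETYPES.put("des-cbc-md5", 3);
        ALIASES.put("aes128-sha2", "aes128-cts-hmac-sha256-128");
        ALIASES.put("aes256-sha2", "aes256-cts-hmac-sha384-192");
        ALIASES.put("aes128-sha1", "aes128-cts-hmac-sha1-96");
        ALIASES.put("aes256-sha1", "aes256-cts-hmac-sha1-96");
    }

    // Turn a space- or comma-separated etype list into etype numbers,
    // accepting aliases; a null or empty setting yields the default order.
    static List<Integer> resolve(String setting) {
        if (setting == null || setting.trim().isEmpty()) return new ArrayList<>(ETYPES.values());
        List<Integer> out = new ArrayList<>();
        for (String tok : setting.trim().toLowerCase(Locale.ROOT).split("[\\s,]+")) {
            Integer n = ETYPES.get(ALIASES.getOrDefault(tok, tok));
            if (n == null) throw new IllegalArgumentException("unknown etype: " + tok);
            if (!out.contains(n)) out.add(n);   // drop duplicates, keep first position
        }
        return out;
    }

    // Simplified model (assumption): pick the first etype in the client's
    // preference list that the other party also supports.
    static OptionalInt select(List<Integer> clientPrefs, Set<Integer> peer) {
        for (int e : clientPrefs) if (peer.contains(e)) return OptionalInt.of(e);
        return OptionalInt.empty();
    }

    public static void main(String[] args) {
        Set<Integer> sha2Peer = Set.of(17, 18, 19, 20);  // constructed: peer with RFC 8009 support
        Set<Integer> legacyPeer = Set.of(17, 18, 23);    // constructed: peer without it
        String sha2First = "aes256-sha2 aes128-sha2 aes256-sha1 aes128-sha1";
        System.out.println("default order, SHA-2 peer: " + select(resolve(null), sha2Peer));
        System.out.println("SHA-2 first, SHA-2 peer:   " + select(resolve(sha2First), sha2Peer));
        System.out.println("SHA-2 first, legacy peer:  " + select(resolve(sha2First), legacyPeer));
    }
}
```

The last case models the compatibility statement above: listing the new etypes first does not break a peer that lacks them, because selection falls back to a commonly supported type.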

            weijun Weijun Wang
            weijun Weijun Wang
            Sean Mullan