{"id":23515,"date":"2021-03-25T15:16:44","date_gmt":"2021-03-25T19:16:44","guid":{"rendered":"https:\/\/michigan.it.umich.edu\/news\/?p=23515"},"modified":"2024-07-08T06:04:34","modified_gmt":"2024-07-08T10:04:34","slug":"kerberos-upgrade-will-end-support-for-des-encryption","status":"publish","type":"post","link":"https:\/\/michigan.it.umich.edu\/news\/2021\/03\/25\/kerberos-upgrade-will-end-support-for-des-encryption\/","title":{"rendered":"Kerberos upgrade will end support for DES encryption"},"content":{"rendered":"\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"600\" height=\"350\" src=\"https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-600x350.jpg\" alt=\"World map overlaid with binary code and a padlock\" class=\"wp-image-23516\" srcset=\"https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-600x350.jpg 600w, https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-300x175.jpg 300w, https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-768x448.jpg 768w, https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-665x388.jpg 665w, https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin.jpg 1280w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/figure><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">To improve security, ITS will upgrade <a href=\"https:\/\/its.umich.edu\/accounts-access\/identity-access-management\/kerberos\">Kerberos<\/a> to version 1.18 in summer 2021 (likely in August). The upgrade will disable support for <a href=\"https:\/\/en.wikipedia.org\/wiki\/Data_Encryption_Standard\">Data Encryption Standard<\/a> (DES), which is an insecure and deprecated encryption type. Some systems at U-M are still using Kerberos with DES and will need to be updated.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Next steps: Notifications to specific contacts regarding system updates<\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The ITS Identity and Access Management Operations Team has identified systems that are, or may be, using Kerberos with DES based on authentications to the Kerberos servers.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If a potentially impacted system has been identified:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Targeted email notifications will be sent to the contacts for those systems to provide detailed next steps or to ask for more information.<\/li><\/ul>\n\n\n\n<ul class=\"wp-block-list\"><li>Depending on the system or service, DES may need to be replaced with a different encryption standard, a system may need configuration changes, or a system may need to be upgraded if it only supports DES.<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">If you receive a targeted notification regarding this upgrade, please respond as specified in the email or share it with those who may be responsible for the impacted systems in your unit.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>To improve security, ITS will upgrade Kerberos to version 1.18 in summer 2021 (likely in August). The upgrade will disable support for Data Encryption Standard (DES), which is an insecure and deprecated encryption type.<\/p>\n","protected":false},"author":68,"featured_media":23516,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","_umich_oidc_access":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_ef_editorial_meta_date_first-draft-date":"","_ef_editorial_meta_paragraph_assignment":"","_ef_editorial_meta_checkbox_needs-photo":"","_ef_editorial_meta_number_word-count":"","footnotes":""},"categories":[7,27],"tags":[428],"class_list":["post-23515","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-projects-services","category-safe-computing","tag-encryption"],"uagb_featured_image_src":{"full":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin.jpg",1280,746,false],"thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-400x266.jpg",400,266,true],"medium":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-300x175.jpg",300,175,true],"medium_large":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-768x448.jpg",665,388,true],"large":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-600x350.jpg",600,350,true],"1536x1536":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin.jpg",1280,746,false],"2048x2048":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin.jpg",1280,746,false],"excerpt-thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-200x140.jpg",200,140,true],"themonic-thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-60x42.jpg",60,42,true],"ioslider-thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-658x300.jpg",658,300,true],"post-thumbnail":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-665x388.jpg",665,388,true],"400x250-crop":["https:\/\/michigan.it.umich.edu\/news\/wp-content\/uploads\/2021\/03\/global-security-1734189_1280-Matthew-Martin-400x266.jpg",376,250,true]},"uagb_author_info":{"display_name":"Matt Martin, ITS Privacy Office","author_link":"https:\/\/michigan.it.umich.edu\/news\/author\/mattmart\/"},"uagb_comment_info":0,"uagb_excerpt":"To improve security, ITS will upgrade Kerberos to version 1.18 in summer 2021 (likely in August). The upgrade will disable support for Data Encryption Standard (DES), which is an insecure and deprecated encryption type.","_links":{"self":[{"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/posts\/23515","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/comments?post=23515"}],"version-history":[{"count":2,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/posts\/23515\/revisions"}],"predecessor-version":[{"id":23549,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/posts\/23515\/revisions\/23549"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/media\/23516"}],"wp:attachment":[{"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/media?parent=23515"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/categories?post=23515"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/michigan.it.umich.edu\/news\/wp-json\/wp\/v2\/tags?post=23515"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}