[1266] in Kerberos


Re: timestamp in authentication process

daemon@ATHENA.MIT.EDU (don@ATHENA.MIT.EDU)
Thu Feb 28 20:53:17 1991

From: don@ATHENA.MIT.EDU
To: leendert@cs.vu.nl (Leendert van Doorn)
Cc: kerberos@ATHENA.MIT.EDU
In-Reply-To: Your message of 28 Feb 91 16:26:36 +0000. <9140@star.cs.vu.nl>
Date: Thu, 28 Feb 91 20:18:03 EST


mr. van doorn, please see the paper, "limitations of kerberos," by bellovin and
merritt, in the oct '90 computer communications review, for a good discussion of
kerberos' need for authenticated time-service.  to make a long story short,
there are many ways to modify kerberos, that would avoid the need to
synchronize, and time-synchronization wasn't a frivolous decision.  the paper,
if i remember correctly, discusses why kerberos moved to timestamps, and away
from n & s' challenge/response (among other things).  if bellovin and merritt
don't describe the original problem to your satisfaction, there's an excellent
paper on protocol-design, which i know does discuss kerberos' evolution from
n & s in some detail: burrows, abadi, and needham, "a logic of authentication,"
proc. r. soc. lond. A 426 (1989) pp. 233-271.  this paper is also available
from digital systems research center, as a technical report; an abridged version
of the paper appeared in sosp '90.
					-don davis, mit project athena staff
