Re: Why is initial user authentication done the way it is?
daemon@ATHENA.MIT.EDU (Steve Lunt)
Fri Jun 15 10:41:30 1990
Date: Fri, 15 Jun 90 09:40:23 -0400
From: Steve Lunt <lunt@ctt.bellcore.com>
To: pit-manager.MIT.EDU!jik@bellcore.bellcore.com
Cc: athena.mit.edu!kerberos@bellcore.bellcore.com
I would add to this list below (arguably most important) that under Unix, /etc/passwd is protected by the Unix access control mechanism, so that Unix may enforce password screening, whereas the Kerberos database is protected by a mechanism which doesn't allow it to know by what password its keys are based.
-- Steve
Steven J. Lunt, Computer Security Technology, Bellcore
lunt@ctt.bellcore.com | (201) 699-4244
RRC 1L-213, 444 Hoes Lane, Piscataway, NJ 08854
From: "Jonathan I. Kamens" <jik@pit-manager.MIT.EDU>
First of all, let me reiterate why I still think this is a problem.
In the description below, "Unix" is short for the traditional Unix
authentication system:
1. Under Unix, you have to have an account on a properly configured
machine in order to get a hold of the passwd file. Under Kerberos,
anyone on the Internet can request an encrypted sample of anyone to
bang on it.
2. Under Unix, every possible password must be encrypted using every
possible seed in order to match against strings in the passwd file.
Under Kerberos, this isn't necessary -- just run string_to_key over
all of your possible passwords and they can immediately be used for
decryption attempts.
3. The crypt() function under Unix is meant to be slow. Kerberos'
decryption of the tgt is faster, significantly. Furthermore, it's
straight DES, so anyone who is serious about cracking passwords can
use all of the available DES hardware to do his cracking.
In summary, it's easier to get a hold of encrypted Kerberos data to
play with than it is to get a hold of /etc/passwd data, and playing
with it is faster.
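As an added illustration that is not part of this thread, the following toy model contrasts the AS exchange Jonathan describes (the KDC answers any requester with material encrypted under the user's key) with a preauthentication gate of the kind Kerberos 5 later adopted as PA-ENC-TIMESTAMP. The cipher and string_to_key are SHA-256 stand-ins for DES and the real routine, and the principal "jik" with its password is a constructed sample.

```python
"""Toy model of a Kerberos-style AS exchange: a KDC that replies to anyone
who names a principal, beside one that demands preauthentication first.
Constructed illustration only: "encryption" is a SHA-256 keystream XOR with
an HMAC tag, and string_to_key is plain SHA-256 (unsalted, as in Kerberos 4)."""
import hashlib
import hmac
import os
import time

def string_to_key(password):
    return hashlib.sha256(password.encode()).digest()  # stand-in for string_to_key

def encrypt(key, plaintext):
    nonce = os.urandom(16)
    stream = hashlib.sha256(key + nonce).digest()
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def decrypt(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + body, hashlib.sha256).digest()):
        return None  # wrong key or tampered blob
    stream = hashlib.sha256(key + nonce).digest()
    return bytes(p ^ s for p, s in zip(body, stream))

KDC_DB = {"jik": string_to_key("correct horse")}  # constructed sample principal

def as_request_v4(principal):
    """Kerberos 4 style: the reply, encrypted under the user's key, goes to
    whoever asks; the KDC never learns whether the requester knows the key."""
    return encrypt(KDC_DB[principal], os.urandom(8))  # 8-byte session key

def make_padata(password):
    """Client side of preauthentication: a fresh timestamp under the user's key."""
    return encrypt(string_to_key(password), int(time.time()).to_bytes(8, "big"))

def as_request_preauth(principal, padata):
    """Preauth gate: nothing key-encrypted leaves the KDC unless the request
    already carries a valid, recent timestamp encrypted under that key."""
    ts = decrypt(KDC_DB[principal], padata)
    if ts is None or abs(time.time() - int.from_bytes(ts, "big")) > 300:
        return None
    return encrypt(KDC_DB[principal], os.urandom(8))
```

The gate closes the request-from-anywhere path in point 1; the salt and work-factor issues in points 2 and 3 are separate and are not addressed by it.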