[1017] in Kerberos
Re: Dictionary attacks
daemon@ATHENA.MIT.EDU (Wesley Craig)
Fri Jun 15 14:30:54 1990
Date: 15 Jun 90 16:46:40 GMT
From: apple!usc!samsung!umich!terminator!terminator.cc.umich.edu!wes@decwrl.dec.com (Wesley Craig)
To: kerberos@ATHENA.MIT.EDU
In article <UaSBcy=0Bww25YSmBx@transarc.com> Ted_Anderson@TRANSARC.COM writes:
> As long as there are more than eight bytes we
>can predict the plaintext to the first round of encryption in the CBC.
>Now we separately compute the encryption of this text with all the
>passwords of interest. This list is sorted and becomes the
>"dictionary". Now we look each of the responses from the first step up
>in this "dictionary", every match gives us someone's key.
I believe that the confounder was introduced to (surprisingly) confound
this attack. The confounder is a random number at the beginning of the
encrypted packet, thus removing the possibility for the attack above.
wes
