[1396] in Kerberos
Verifying passwords without getting new tickets
daemon@ATHENA.MIT.EDU (Chris Riddick)
Mon May 20 17:53:13 1991
From: Chris Riddick <cjr@simpact.COM>
To: mdl@b.gp.cs.cmu.edu
Cc: cjr@simpact.COM, kctreima@eos.ncsu.edu, kerberos@ATHENA.MIT.EDU
Date: Mon, 20 May 91 16:54:38 EDT
There is a way to render the dictionary attack ineffective. That is the use
of one-time passwords. With a onetime password, even a TGT that was stolen
simply by eavesdropping during login would not be useful. The password that
was extracted via the dictionary attack (other other cryptanalysis) was only
good for that login (i.e., TGT). The next time the user logs in, a
different password will be required.
Granted, Mark was right in saying that the Kerberos protocol would have to
be altered. However, only the TGT protocol would be modified. All service
ticket requests would continue to be done as they are now.
By the way, in V5, the confounder was created to make cryptanalysis more
difficult by adding random padding to the front of the protocol packet.
Chris Riddick
