[35982] in Kerberos
Distributed Kerberos5? Fwd: NSA backdoor risks in Kerberos
daemon@ATHENA.MIT.EDU (Wang Shouhua)
Wed Apr 2 15:52:47 2014
MIME-Version: 1.0
Date: Wed, 2 Apr 2014 21:52:29 +0200
Message-ID: <CANzOW++FGZiOq+-PswdW_GBv7nUV7mjzLRwdzr_QhX9T3+mEGg@mail.gmail.com>
From: Wang Shouhua <shouhuaw@gmail.com>
To: Kerberos@mit.edu
Content-Type: multipart/mixed; boundary="===============0956897223=="
Errors-To: kerberos-bounces@mit.edu
--===============0956897223==
Content-Type: text/plain; charset=GB2312
Content-Transfer-Encoding: 8bit
On 2 April 2014 20:45, Russ Allbery <eagle@eyrie.org> wrote:
> Benjamin Kaduk <kaduk@MIT.EDU> writes:
>
>> The core kerberos protocol itself is pretty well-analyzed, and unlikely
>> to have been backdoored. There could potentially be issues with the
>> crypto primitives used by a particular Kerberos implementation or
>> encryption type (e.g., PRNG, block cipher, and hash function), but such
>> issues would have much broader consequences than just kerberos. AES is
>> probably fine, but, say, the md4 hash function used in arcfour-hmac's
>> string-to-key is not so good, and as mentioned already RFC 6649
>> deprecates some weak enctypes.
>
> With Kerberos, it's always worth being aware that it's a trusted central
> authentication system.
Isn't there a distributed version of Kerberos5 which avoids this problem?
Wang
--
Wang Shouhua - shouhuaw@gmail.com
中华人民共和国科学技术部 - HTTP://WWW.MOST.GOV.CN
--===============0956897223==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
--===============0956897223==--
