[36116] in Kerberos
pre-authentication attacks
daemon@ATHENA.MIT.EDU (Ben H)
Wed May 14 15:18:10 2014
MIME-Version: 1.0
Date: Wed, 14 May 2014 14:17:55 -0500
Message-ID: <CAAd7auZrdp4Ax774EgO38vzjQ0OiU0twQ=j7EgrujgLeWZZPuQ@mail.gmail.com>
From: Ben H <bhendin@gmail.com>
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
I was reading up a bit on the history of pre-authentication after hearing a
speaker I generally put all faith into mention something about pre-auth
which I didn't think was accurate (namely that's its use was to help
determine available encryption types...something which I can find no
evidence of).
In any event, my understanding is that pre-auth is used to prevent an
entity from requesting a TGT without credentials and therefore not being
able to brute force the encryption.
However, there are tools out there which are able to also perform
brute-force attacks against the pre-auth timestamp. In order to do this
however, it would require the ability to listen on the wire between a
client and a KDC. Something that may be trivial in certain circumstances
(compromising a single application box could provide a sniff of all users
authenticating to the KDC).
That being said, assuming that all traffic to the KDC is encrypted,
pre-authentication would seem to be superior as I can't request a ticket
without credentials from an insecure location. If however, we assume that
all traffic between a client and a KDC may be compromised, is
pre-authentication superior?
We don't even need to make repeated attempts for a pre-auth required, we
simply need to listen on the wire for when user's authenticate.
Isn't a known entity like a UTC timestamp eaiser to brute force against
than the encrypted TGT?
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
