[4610] in Kerberos
Re: Brute-force decryption (was: Should I restrict 'kinit' access)
daemon@ATHENA.MIT.EDU (Marc Horowitz)
Mon Feb 13 18:07:45 1995
To: kerberos@MIT.EDU
Date: 13 Feb 1995 22:58:05 GMT
From: marc@cam.ov.com (Marc Horowitz)
>> For example, instead of your initial ticket, the server could generate
>> a random integer and send it to you. You decrypt it with your
>> password and send it back. If it's right, then you get your actual
>> ticket. If it's wrong, then the server increments the number of wrong
>> guesses at your password, and if you guess too many times it freezes
>> your account.
That's not good enough either, since I could still snoop the ticket.
You can eliminate passive spoofing attacks, but you need to do
Diffie-Hellman in the preauthentication stage, or something similar.
Marc
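
Added example, not part of the original post: a toy model of the point made in the reply, that a reply protected only by the password key lets a passive listener check password candidates offline, while wrapping it under a Diffie-Hellman session key removes that check from the wire. Assumptions: `s2k`, `mask`, `MARKER` and the group `P`, `G` are constructed stand-ins for illustration, not Kerberos's own functions or parameters.

```python
import hashlib
import secrets

# Toy parameters constructed for this example; not a vetted DH group.
P, G = 2**127 - 1, 3
MARKER = b"KRB-TGT:"  # constructed stand-in for a ticket's recognizable structure

def s2k(password: str) -> bytes:
    # Hypothetical string-to-key; real Kerberos uses its own derivation.
    return hashlib.sha256(b"s2k|" + password.encode()).digest()

def mask(key: bytes, data: bytes) -> bytes:
    # Toy cipher: XOR with a hash-derived pad (data must be <= 32 bytes).
    pad = hashlib.sha256(b"pad|" + key).digest()
    return bytes(d ^ p for d, p in zip(data, pad))

def plain_exchange(password: str) -> dict:
    # Reply protected only by the password key; the dict is what crosses the wire.
    ticket = MARKER + secrets.token_bytes(16)
    return {"reply": mask(s2k(password), ticket)}

def dh_exchange(password: str) -> dict:
    # Same reply, additionally wrapped under a Diffie-Hellman session key.
    # Unauthenticated DH only addresses the passive listener the post mentions.
    a, b = secrets.randbelow(P - 3) + 2, secrets.randbelow(P - 3) + 2
    A, B = pow(G, a, P), pow(G, b, P)  # public values, visible on the wire
    shared = hashlib.sha256(pow(B, a, P).to_bytes(16, "big")).digest()
    ticket = MARKER + secrets.token_bytes(16)
    return {"A": A, "B": B, "reply": mask(shared, mask(s2k(password), ticket))}

def wire_confirms_password(wire: dict, candidate: str) -> bool:
    # What a passive listener can compute: wire values plus a candidate only.
    return mask(s2k(candidate), wire["reply"]).startswith(MARKER)
```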