[4614] in Kerberos
Brute-force decryption (was: Should I restrict 'kinit' access)
daemon@ATHENA.MIT.EDU (Ken Olum)
Mon Feb 13 23:47:45 1995
To: kerberos@MIT.EDU
Date: 13 Feb 1995 22:15:07 GMT
From: kdo@marie.mit.edu (Ken Olum)
In article <MARC.95Feb8200043@dun-dun-noodles.cam.ov.com> marc@cam.ov.com (Marc Horowitz) writes:
>>> Is it a security risk to let users have access to the 'kinit' command?
>>> Can't they sit and hammer it all day trying to break someone else's
>>> password by brute force?
>
>This problem can be alleviated with kerberos v5's preauthentication
>feature, but such an environment would still be susceptible to
>snooping of the initial ticket and offline attacks on that.
Kerberos could be extended to prevent brute-force attacks of this
sort. For example, instead of your initial ticket, the server could
generate a random integer and send it to you. You decrypt it with
your password and send it back. If it's right, then you get your
actual ticket. If it's wrong, then the server increments the number
of wrong guesses at your password, and if you guess too many times it
freezes your account.
Ken
