[4873] in Kerberos

home help back first fref pref prev next nref lref last post

Re: Proposal for a SmartCard-Kerberos Implementation

daemon@ATHENA.MIT.EDU (Marc Horowitz)
Mon Mar 27 15:04:27 1995

To: kerberos@MIT.EDU
Date: 27 Mar 1995 19:54:30 GMT
From: marc@cam.ov.com (Marc Horowitz)


>> PROPOSED METHOD:
>> 
>> 	1. Send SecurID code to kinit process.
>> 	2. Kinit sends request to KDC with plaintext SecurID code.
>> 	3. KDC verifies SecurID code and generates TGT encrypted in host-key.
>> 	3.5. TGT traverses network from KDC to kinit encrypted in host-key.
>> 	4. Kinit decrypts TGT with host-key found in v5srvtab.

This also has the weakness that an attacker impersonating the kdc or
login (via a routing attack, spoofed client or server, or something
similar) could, without much sophistication, snoop the securid key,
construct his own AS_REQ based on a known host-key, present this to
the real kdc, and end up with a ticket for the user.  This is a
moderately difficult attack, but it's a little too easy for my tastes,
with kerberos being UDP-based, and full use of a ticket for the ticket
lifetime being a real threat.

		Marc

home help back first fref pref prev next nref lref last post