[937] in Kerberos

home help back first fref pref prev next nref lref last post

Use of portable authenticators with kerberos.

daemon@ATHENA.MIT.EDU (Bill Sommerfeld)
Thu May 10 13:26:48 1990

Date: Tue, 8 May 90 22:30:40 -0400
From: Bill Sommerfeld <wesommer@ATHENA.MIT.EDU>
To: gregh@aplcen.apl.jhu.edu (Greg Hollingsworth)
In-Reply-To: gregh@aplcen.apl.jhu.edu's message of 9 May 90 00:57:00 GMT
Cc: kerberos@ATHENA.MIT.EDU

This has been discussed in some detail (on a different list); it's not
hard to do.

Essentially, one must replace or augment the AS_REQ protocol (which
gets the initial TGT encrypted in the user's password) with one
appropriate to the particular widget in use.  This would only require
a change to the login program and the KDC, with no changes needed to
most applications using kerberos.  You still may need a password, if
you can't get a sufficiently large encryption key out of the widget's
protocol (56 bits in the case of DES; possibly more for other
systems); the additional bits from the widget can be used to "seed"
the string->key conversion.

In the case of the PRNG widget:

The protocol with the KDC should protect against replay; I shouldn't
be able to log in as you just by sending the same pseudo-random number
that you did within the same minute that you sent it.  This implies
that the pseudo-random number should be used as a key, not as a
plaintext "password".

You also have to watch out for clock skew between the KDC and the
widget; they have to accept one of several values, and possibly give
feedback to the KDC so that it can adjust its idea of your current
skew.  If your KDC is replicated (as it should be), you may need to do
a distributed database update for each login, unless you keep separate
skew state for each replica (which would be really gross..).

				- Bill
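The design sketched in the message (the widget's pseudo-random value used as a key rather than sent as a plaintext password, the string->key conversion seeded with the widget's bits, the KDC accepting one of several time steps and remembering the user's skew, and a replay record so the same value cannot be reused within its minute) can be written out as a small simulation. The code below is an added example; it is not from the original post, from MIT Kerberos, or from any real token vendor. The widget algorithm (an HMAC over the step number), the 60-second step, the two-step skew window, PBKDF2 as the seeded string->key function, and the principal and secret values are all constructed for illustration. The KDC here stores the user's password so it can recompute the seeded key; a real design would store derived material instead.

```python
import hashlib
import hmac

# Constructed parameters for this illustration (not from Kerberos or the message):
INTERVAL = 60        # seconds per widget step, i.e. the "same minute" in the message
SKEW_WINDOW = 2      # how many steps either side of the expected one the KDC accepts


def widget_output(widget_secret: bytes, step: int) -> bytes:
    """Stand-in for the widget's time-based pseudo-random value at a given step.
    A real token has its own algorithm; an HMAC over the step number is used
    here only so the example is deterministic and self-contained."""
    return hmac.new(widget_secret, step.to_bytes(8, "big"), hashlib.sha256).digest()[:8]


def string_to_key(password: str, seed: bytes) -> bytes:
    """Password string->key conversion "seeded" with the widget's bits, so that
    neither the password alone nor the widget value alone yields the key.
    PBKDF2 is an assumption, not the Kerberos conversion."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), seed, 1000, dklen=32)


def client_preauth(principal: str, password: str, widget_secret: bytes,
                   client_time: int) -> dict:
    """Client side: prove possession of the key derived from password + the
    current widget value.  The widget value itself is never transmitted;
    only a MAC keyed with it is, so a captured request does not reveal it."""
    step = client_time // INTERVAL
    key = string_to_key(password, widget_output(widget_secret, step))
    proof = hmac.new(key, principal.encode(), hashlib.sha256).digest()
    return {"principal": principal, "proof": proof}


class KDC:
    """Constructed KDC-side check: tries the steps around its expected one,
    records which (principal, step) pairs have been accepted, and updates
    its idea of the user's clock skew on success."""

    def __init__(self):
        self.users = {}    # principal -> [password, widget_secret, skew_in_steps]
        self.used = set()  # (principal, step) pairs already accepted: replay record

    def register(self, principal: str, password: str, widget_secret: bytes) -> None:
        self.users[principal] = [password, widget_secret, 0]

    def verify(self, req: dict, kdc_time: int) -> bool:
        rec = self.users.get(req["principal"])
        if rec is None:
            return False
        password, widget_secret, skew = rec
        expected_step = kdc_time // INTERVAL + skew
        # Accept one of several values around the expected step (clock skew).
        for delta in range(-SKEW_WINDOW, SKEW_WINDOW + 1):
            step = expected_step + delta
            key = string_to_key(password, widget_output(widget_secret, step))
            expected = hmac.new(key, req["principal"].encode(), hashlib.sha256).digest()
            if hmac.compare_digest(expected, req["proof"]):
                if (req["principal"], step) in self.used:
                    return False          # same widget value presented twice: replay
                self.used.add((req["principal"], step))
                rec[2] = skew + delta     # feedback: remember this user's observed skew
                return True
        return False


if __name__ == "__main__":
    kdc = KDC()
    secret = b"constructed-widget-seed"
    kdc.register("greg@EXAMPLE.ORG", "correct horse", secret)
    # Client clock runs 90 s ahead of the KDC: accepted, and the skew is recorded.
    req = client_preauth("greg@EXAMPLE.ORG", "correct horse", secret, 1_000_090)
    print(kdc.verify(req, 1_000_000))  # True
    print(kdc.verify(req, 1_000_000))  # False: replay of the same widget value
```

The replay record is per step, so a request is single-use within its minute, while the skew update means the next login with the same 90-second offset lands on the KDC's expected step directly. With replicated KDCs, `self.used` and the per-user skew are exactly the state the message says would have to be shared or kept per replica.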
