[15709] in Kerberos_V5_Development

home help back first fref pref prev next nref lref last post

Re: Kerberos question

daemon@ATHENA.MIT.EDU (Blaz Primc)
Fri Apr 23 21:30:27 2010

Message-ID: <4BCFF902.1030900@gmail.com>
Date: Thu, 22 Apr 2010 09:21:38 +0200
From: Blaz Primc <expertmeant@gmail.com>
MIME-Version: 1.0
To: Greg Hudson <ghudson@mit.edu>
In-Reply-To: <1271884190.19726.26.camel@ray>
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="utf-8"
Errors-To: krbdev-bounces@mit.edu
Content-Transfer-Encoding: 8bit

Yes, by brute force.
And by an attacker, I mean the legitimate user that requested the ticket from KDC.
Best regards, Blaž
On 21/04/10 23:09, Greg Hudson wrote:> On Sat, 2010-04-17 at 14:36 -0400, Blaz Primc wrote:>> Couldn't an attacker do a known-plain-text attack on the second part of>> the message, because he knows what the "random key" is and by doing that>> acquire the service's long term key...?>> By "known-plain-text attack" you mean a brute-force key search?>>>_______________________________________________krbdev mailing list             krbdev@mit.eduhttps://mailman.mit.edu/mailman/listinfo/krbdev

home help back first fref pref prev next nref lref last post