Kerberos Password Sniffing

Jeffrey Altman jaltman at
Sun Dec 1 06:16:16 EST 2002

There are a large number of factors:

 . do not want to require the use of PKINIT solutions since the whole
   point of Kerberos is that Kerberos is the trust third party and
   we do not want to need to worry about all of the problems surrounding
   PK management

 . do not want to require the use of TLS over which the Kerberos
   exchange could take place; both because of the added crypto 
   overhead and because most Kerberos implementations do not yet
   support non-UDP exchanges

 . do not want to require the use of Zero Knowledge Inference solutions
   such as EKE, SPEKE, and SRP because of all the intellectual property
   issues surrounding the various patent claims.

Once you go through that list what are we left with?

The working group has been talking about a variety of solutions that could
be standardized.  Perhaps SRP for open source deployments and SPEKE for 
commerical ones.  Some people might want the TLS solution.  In any case,
the IETF has had a hard enough time just coming to consensus on the 
Kerberos 5 Clarifications document let alone addressing all of the many 
other needs which may be dependent on Kerberos 5 Revisions.

Kerberos 5 Clarifications plus the Crypto updates and AES support
should go the IESG within the next month.  Then we will start to work
on PKINIT, PKCROSS, Set/Change Password, and the Revisions document.
Rapid progress should be acheivable from this point forward.

In article <3DE9EB4B.1080504 at>, Frank O'Dwyer  <fod at> wrote:
: Can you elaborate on the solutions that are being considered and what 
: the timetable is?
: Also at the risk of sounding curmudgeonly, what's the hold up? I and 
: others have been banging on about this vulnerability for years now. Why 
: does it take the announcement of a tool to light a fire under people, 
: when the possibility of such a tool has been obvious and well documented 
: in the literature for over 10 years, as have the various possible fixes?
: There is also some breakdown in communication going on, since there are 
: 1000s of admins out there who have somehow got the message that Kerberos 
: is "unsniffable". Which is true in theory (PKINIT etc), yet in practical 
: terms is far from the truth.
: I suppose we're lucky that this guy hasn't put a nice GUI on the tool.
: Yet.
: Cheers,
: Frank.
: Sam Hartman wrote:
: > You should note that fixing offline dictionary attacks is a current
: > work item of the Kerberos working group of the IETF; solutions are
: > basically understood but need to be written up and implemented.
: > 
: > ________________________________________________
: > Kerberos mailing list           Kerberos at
: >
: > 

 Jeffrey Altman * Volunteer Developer      Kermit 95 2.1 GUI available now!!!
 The Kermit Project @ Columbia University  SSH, Secure Telnet, Secure FTP, HTTP            Secured with MIT Kerberos, SRP, and 
 kermit-support at               OpenSSL.

More information about the Kerberos mailing list