Attack on krb-priv and krb-safe messages

bbense+comp.protocols.kerberos.Jun.01.02 at telemark.stanford.edu
Sat Jun 1 13:56:36 EDT 2002


-----BEGIN PGP SIGNED MESSAGE-----

In article <pan.2002.06.01.17.11.27.130578.3120 at kruitbosch.net>,
Danny Kruitbosch  <danny at kruitbosch.net> wrote:
>Hi,
>
>I've got 2 questions:
>
>1. If a passive attacker has successfully obtained a user's password,
>how would the attacker be able to read the encrypted messages between the
>client and server (KRB-PRIV messages). How would he decrypt them? What
>steps should he follow? Can such a thing be prevented?
>
>2. How would an active attacker who has successfully obtained a user's
>password insert messages of its liking in the communication between
>client and server (KRB-SAFE messages)?
>
>
>Any input on this would be great!
>
>

- - Neither of these things are possible with just the user's
  password. The data in these messages is encrypted with
  a session key that's included in the service ticket obtained
  to access the service. Of course if you have the user's 
  password and they are on a machine that supports multiple
  logins, you can login and grab their credential cache. 

- - Booker C. Bense 
