GSS Server without secret key?

Dennis Davis D.H.Davis at bath.ac.uk
Fri Nov 7 04:47:45 EST 2003


>Subject: GSS Server without secret key?
>From: Oliver Schoett <os at sdm.de>
>Date: Thu, 06 Nov 2003 12:17:03 +0100
>Organization: "sd&m AG, Muenchen, Germany"
>To: kerberos at mit.edu
>
>I have been playing with the Sun GSS/Kerberos sample code in
>
>http://java.sun.com/j2se/1.4.2/docs/guide/security/jgss/tutorials/ClientServer.html
>
>and noticed that the client in this scenario needs only a Kerberos
>ticket (for example, obtained from an initial Windows logon), whereas
>the server needs a secret key.  This creates a key management problem
>for our servers, which I would like to avoid.
>
>Why is it that the server needs a key, when in principle, a ticket
>should be enough to prove one's identity?  Is there a way to avoid the
>key management problem for servers?

The server needs a key that's used as part of the authentication
procedure.  If this isn't done, you're susceptible to a
man-in-the-middle attack.  Also known as the "Zanarotti Attack".
See:

http://www.stacken.kth.se/lists/heimdal-discuss/2000-10/msg00011.html

for further details.
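The point in the reply above, as an added worked example that is not part of the original post, the Sun tutorial, or any Kerberos implementation: a simplified AP-REQ exchange in which the service's long-term key is the only thing that ties the ticket to the KDC. The encryption routine is a stdlib-only toy (HMAC-SHA256 keystream plus tag) standing in for a real enctype, and the realm, principal names and keys are constructed for the example. A server that holds its key opens the ticket, recovers the session key and verifies the authenticator; a hypothetical key-less server can only check that the authenticator matches whatever the peer claims the ticket says, so a man in the middle who mints both halves under keys of their own choosing is accepted as the victim.

```python
import hashlib
import hmac
import json
import os
import time

# Toy authenticated encryption (stdlib only, NOT a Kerberos enctype): HMAC-SHA256
# keystream XOR plus an HMAC tag. It stands in for AES/RC4 so that the protocol
# logic, not the cipher, is what the example shows.
def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def encrypt(key, obj):
    pt = json.dumps(obj, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def decrypt(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed: wrong key or tampered ciphertext")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

# Constructed sample realm (assumption): the KDC knows every principal's key.
CLIENT = "alice@EXAMPLE.COM"
SERVICE = "host/app.example.com@EXAMPLE.COM"
KDC_KEYS = {CLIENT: os.urandom(32), SERVICE: os.urandom(32)}

def kdc_tgs_rep(client, service):
    """Simplified TGS-REP: a fresh session key, once under the service's
    long-term key (the ticket) and once for the client (normally under the TGT
    session key; here under the client's key to keep the example short)."""
    sk = os.urandom(32).hex()
    ticket = encrypt(KDC_KEYS[service], {"cname": client, "sname": service, "key": sk})
    enc_part = encrypt(KDC_KEYS[client], {"sname": service, "key": sk})
    return ticket, enc_part

def client_ap_req(client, client_key, ticket, enc_part):
    """Client builds the AP-REQ: the opaque ticket plus an authenticator under
    the session key. The client never needs the service's key."""
    sk = bytes.fromhex(decrypt(client_key, enc_part)["key"])
    return ticket, encrypt(sk, {"cname": client, "ctime": int(time.time())})

def server_accept(service_key, ticket, authenticator, max_skew=300):
    """Server with a keytab: opening the ticket with its own key is what proves
    the KDC (the only other holder of that key) issued it for this client."""
    t = decrypt(service_key, ticket)
    a = decrypt(bytes.fromhex(t["key"]), authenticator)
    if a["cname"] != t["cname"]:
        raise ValueError("authenticator name does not match ticket")
    if abs(time.time() - a["ctime"]) > max_skew:
        raise ValueError("authenticator outside clock skew")
    return t["cname"]

def keyless_accept(claimed_ticket, session_key, authenticator):
    """Hypothetical server with no key. It cannot open the ticket, so the peer
    must hand over the ticket contents and session key in the clear; all the
    server can check is that the authenticator agrees with what the peer sent."""
    a = decrypt(session_key, authenticator)
    if a["cname"] != claimed_ticket["cname"]:
        raise ValueError("authenticator name does not match claimed ticket")
    return claimed_ticket["cname"]

def forge_ap_req(victim, service):
    """Man in the middle: no KDC involvement, both keys chosen by the attacker."""
    fake_service_key, sk = os.urandom(32), os.urandom(32)
    claim = {"cname": victim, "sname": service, "key": sk.hex()}
    ticket = encrypt(fake_service_key, claim)
    return ticket, claim, sk, encrypt(sk, {"cname": victim, "ctime": int(time.time())})

def demo():
    """Returns (legit client name, keyed server rejected forgery?, who the
    key-less server believed the forger to be)."""
    ticket, enc_part = kdc_tgs_rep(CLIENT, SERVICE)
    legit = server_accept(KDC_KEYS[SERVICE], *client_ap_req(CLIENT, KDC_KEYS[CLIENT], ticket, enc_part))
    f_ticket, f_claim, f_sk, f_auth = forge_ap_req(CLIENT, SERVICE)
    try:
        server_accept(KDC_KEYS[SERVICE], f_ticket, f_auth)
        keyed_rejects_forgery = False
    except ValueError:
        keyed_rejects_forgery = True
    impersonated = keyless_accept(f_claim, f_sk, f_auth)
    return legit, keyed_rejects_forgery, impersonated

if __name__ == "__main__":
    print(demo())
```

The forged exchange is internally consistent, so every check a key-less server could perform passes; only the attempt to open the ticket under the real service key fails, which is why the key has to exist on the server side even though the client gets by with a ticket alone.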

