Security issues with not transferring the password
Sam Hartman
hartmans at MIT.EDU
Wed Feb 18 12:32:55 EST 2004
>>>>> "Fredrik" == Fredrik Tolf <fredrik at dolda2000.com> writes:
Fredrik> The way I've understood it (please correct me if I'm
Fredrik> wrong), is that the KDC encrypts the TGT with a
Fredrik> symmetrical cipher (3DES?) using the user's password as
Fredrik> the key, right? In that case, couldn't a hostile just
Fredrik> obtain an encrypted TGT and brute-force the password from
Fredrik> it?
Yes you can do this. There's a reason Kerberos implementations have
password quality checks.
Is this better than something like SRP? No. IS it better than
sending the password over the network unencrypted? Much.
Please see discussions within the Kerberos working group of the IETF
for various extensions to Kerberos to make it harder to attack
passwords.
More information about the Kerberos
mailing list