What happens if key in keytable file is compromised?

Nali Miah nali.miah at googlemail.com
Wed Nov 1 12:14:17 EST 2006


Hi,

I have a query which I hope someone can enlighten me on.

As I understand it, a random session key is issued by the KDC when the
TGS-REQ is sent back to the client and this same session key is also stored
inside the service ticket. The service ticket is sent to the server where it
is decrypted using the service principal key found in the key table file on
the server.

So, with this in mind, if somebody manages to get a copy of the key in the
key table file (it's not important how, but imagine if they did), they could
use this key to decrypt a service ticket as it is transmitted across the
network inside a gss token, inside of which they will find the session key.

If they had captured network traffic, now that they have the session key
which was used for encryption and decryption during the user's logon session,
surely they can read the captured data which was supposed to be
confidential?

Is my understanding above correct, or is the key used by gss_wrap and
gss_unwrap calculated in some way, so that knowing the session key inside
the service ticket, the gss wrapped (i.e. encrypted) data cannot be
decrypted?

Many thanks.


