What happens if key in keytable file is compromised?
Ken Raeburn
raeburn at MIT.EDU
Wed Nov 1 20:08:54 EST 2006
On Nov 1, 2006, at 12:14, Nali Miah wrote:
> So, with this in mind, if somebody manages to get a copy of the key in the
> key table file (it's not important how, but imagine if they did), they could
> use this key to decrypt a service ticket as it is transmitted across the
> network inside a gss token inside of which, they will find the session key.
>
> If they had captured network traffic, now that they have the session key
> which was used for encryption and decryption during the user's logon session,
> surely they can read the captured data which was supposed to be confidential?

The basic GSSAPI protocol doesn't do a DH exchange or any other sort
of perfect forward secrecy protection, so yes, previously recorded
data could be revealed if the attacker got the service key. Some
protocols may use GSSAPI or Kerberos inside a stream protected by
SSL/TLS, though, and there's been discussion of adding some sort of PFS
to Kerberos.

It's also possible for an attacker with the service key to print up
service tickets "proving" them to be anyone they want, including some
user whose account is to be attacked, or even an administrator, so
depending on the service, they may be able to look at other private
data that wasn't recently sent over the wire, etc.

Ken
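
A toy model of the forward-secrecy point in the reply above, added here as an illustration; it is not part of the original message and is not Kerberos or GSSAPI code. It assumes a stand-in XOR cipher, a deliberately small DH group, and hypothetical function names, and shows why a recording made earlier opens with the long-term key alone unless an ephemeral DH value is mixed into the traffic key.

```python
import hashlib, hmac, secrets

P = 2**127 - 1   # toy DH modulus (a Mersenne prime); far too small for real use
G = 3
SERVICE_KEY = b"constructed-long-term-service-key"   # constructed sample value
MSG = b"constructed confidential payload"            # constructed sample value

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy cipher: XOR with an HMAC-SHA256 counter keystream (encrypt == decrypt)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def record_session(service_key: bytes, msg: bytes, pfs: bool) -> dict:
    """Run one session and return only what a passive recorder on the wire sees."""
    session_key = secrets.token_bytes(32)                  # chosen by the KDC
    wire = {"ticket": xor_stream(service_key, session_key)}
    traffic_key = session_key                              # no PFS: used directly
    if pfs:
        a = secrets.randbelow(P - 2) + 1                   # ephemeral secrets,
        b = secrets.randbelow(P - 2) + 1                   # gone after the session
        wire["dh_pub"] = (pow(G, a, P), pow(G, b, P))      # only these are sent
        shared = pow(wire["dh_pub"][1], a, P).to_bytes(16, "big")
        traffic_key = hmac.new(session_key, shared, hashlib.sha256).digest()
    wire["data"] = xor_stream(traffic_key, msg)
    return wire

def decrypt_recording(service_key: bytes, wire: dict) -> bytes:
    """What the long-term key alone recovers from a recording made earlier."""
    session_key = xor_stream(service_key, wire["ticket"])
    return xor_stream(session_key, wire["data"])

if __name__ == "__main__":
    for pfs in (False, True):
        out = decrypt_recording(SERVICE_KEY, record_session(SERVICE_KEY, MSG, pfs))
        print(f"pfs={pfs}: plaintext recovered = {out == MSG}")
```

The practical consequence for a keytab is that rotating the key after a suspected exposure protects future sessions only; traffic already recorded under the old key stays readable unless an outer layer such as TLS with ephemeral key exchange was in use.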