What happens if my KDC is compromised?

Jeffrey Altman jaltman at secure-endpoints.com
Fri Sep 17 17:21:05 EDT 2010


On 9/17/2010 2:33 PM, Ken Raeburn wrote:
>
> This is why, every now and then, people revisit the idea of some kind of "tamper-proof" hardware for the core of the KDC, which would theoretically self-destruct and not reveal the master key if tampered with; external communication would be limited to a few KDC messages and (encrypted, and maybe signed) KDB data, to reduce the vulnerability exposure possibilities in that code, even if the computer housing the tamper-proof card were compromised.  It's an interesting idea, but AFAIK it hasn't gone beyond research projects so far.

Secure Endpoints has a Heimdal-based Hardware Secure KDC product that is
nearing completion. We presented a talk at the 2009 AFS and Kerberos
Workshop on our model.

  http://workshop.openafs.org/afsbpw09/wed_3_3.html

The Heimdal-HSM KDC can run on UNIX platforms as well as Microsoft Windows.

If you are interested in pricing and availability, contact me directly.

Jeffrey Altman
Secure Endpoints Inc.
