What happens if my KDC is compromised?
Jeffrey Altman
jaltman at secure-endpoints.com
Fri Sep 17 17:21:05 EDT 2010
On 9/17/2010 2:33 PM, Ken Raeburn wrote:
> This is why, every now and then, people revisit the idea of some kind of "tamper-proof" hardware for the core of the KDC, which would theoretically self-destruct and not reveal the master key if tampered with; external communication would be limited to a few KDC messages and (encrypted, and maybe signed) KDB data, to reduce the vulnerability exposure possibilities in that code, even if the computer housing the tamper-proof card were compromised. It's an interesting idea, but AFAIK it hasn't gone beyond research projects so far.
Secure Endpoints has a Heimdal-based Hardware Secure KDC product that is
nearing completion. We presented a talk at the 2009 AFS and Kerberos
Workshop on our model.
http://workshop.openafs.org/afsbpw09/wed_3_3.html
The Heimdal-HSM KDC can run on UNIX platforms as well as Microsoft Windows.
If you are interested in pricing and availability, contact me directly.
Jeffrey Altman
Secure Endpoints Inc.