Distributed Kerberos5? Fwd: NSA backdoor risks in Kerberos

[Wang Shouhua]

On 2 April 2014 20:45, Russ Allbery <eagle at eyrie.org> wrote:
> Benjamin Kaduk <kaduk at MIT.EDU> writes:
>
>> The core kerberos protocol itself is pretty well-analyzed, and unlikely
>> to have been backdoored.  There could potentially be issues with the
>> crypto primitives used by a particular Kerberos implementation or
>> encryption type (e.g., PRNG, block cipher, and hash function), but such
>> issues would have much broader consequences than just kerberos.  AES is
>> probably fine, but, say, the md4 hash function used in arcfour-hmac's
>> string-to-key is not so good, and as mentioned already RFC 6649
>> deprecates some weak enctypes.
>
> With Kerberos, it's always worth being aware that it's a trusted central
> authentication system.

Isn't there a distributed version of Kerberos5 which avoids this problem?

Wang
-- 
Wang Shouhua - shouhuaw at gmail.com
ÖлªÈËÃñ¹²ºÍ¹ú¿Æѧ¼¼Êõ²¿ - HTTP://WWW.MOST.GOV.CN