Populating krbPrincipalName multivalued (Was: Re: LDAP searches for Kerberos entries)

Greg Hudson ghudson at mit.edu
Fri Feb 13 13:06:31 EST 2015


On 02/13/2015 12:55 PM, Michael Ströder wrote:
> So the alias name is not cryptographically bound to the principal's key?

Not inherently, no.

If a principal's long-term key is based on a password, a salt is used to
increase the cost of dictionary attacks against multiple principals
(except for the RC4 enctype, which ignores salts for historical
reasons).  The KDC can explicitly inform the client of the salt during
an AS exchange, or it can say "use the default salt," where the default
salt is based on the principal name.  Likewise, inside the database, the
salt can be explicitly stored in the principal entry, or the database
entry can just say that the default salt was used.

So the KDC needs to know which name is canonical, in order to know what
the default salt should be.  And the KDC needs to communicate either the
canonical name or the salt to the client during an AS exchange.  But
assuming that is taken care of, there is no reason the same key cannot
be used with several principal names.  Active Directory makes extensive
use of this flexibility in the way it handles computer accounts.
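The dependency between the canonical name and the key that the message describes can be made concrete with the default-salt rule (RFC 4120: realm followed by the principal's name components, concatenated with no separators) and the PBKDF2 step of the AES string-to-key function (RFC 3962). The following is an added example, not code from the message or from MIT Kerberos; the realm, principal names and password are constructed sample values, and the final DK() derivation step of RFC 3962 is deliberately left out because it does not change the point (a different salt gives a different key).

```python
import hashlib

AES_ITERATIONS = 4096     # RFC 3962 default iteration count
AES256_KEY_LEN = 32       # 256-bit key


def default_salt(realm: str, components) -> bytes:
    """Default Kerberos salt: realm + name components, no separators.
    "host/www.example.com"@EXAMPLE.COM -> b"EXAMPLE.COMhostwww.example.com"
    """
    return (realm + "".join(components)).encode("utf-8")


def aes_pbkdf2_key(password: str, salt: bytes,
                   iterations: int = AES_ITERATIONS) -> bytes:
    """PBKDF2-HMAC-SHA1 stage of the RFC 3962 AES string-to-key.
    The real enctype then applies DK(tkey, "kerberos"); omitted here."""
    return hashlib.pbkdf2_hmac("sha1", password.encode("utf-8"), salt,
                               iterations, AES256_KEY_LEN)


def key_for_name(password: str, realm: str, name: str,
                 explicit_salt: bytes = None) -> bytes:
    """Key the KDC/client derive for a principal name.

    Without an explicit (stored or pre-auth supplied) salt, the default
    salt built from the name is used, so an alias name that is not the
    canonical one produces a different key from the same password.
    """
    salt = explicit_salt or default_salt(realm, name.split("/"))
    return aes_pbkdf2_key(password, salt)


def alias_keys_match(password: str, realm: str,
                     canonical: str, alias: str) -> dict:
    """Show the two ways an alias can resolve, as the message describes:
    default salt from the alias name (key differs) versus the canonical
    salt communicated explicitly (same key)."""
    canon_salt = default_salt(realm, canonical.split("/"))
    canon_key = key_for_name(password, realm, canonical)
    return {
        "alias_with_default_salt": key_for_name(password, realm, alias)
        == canon_key,
        "alias_with_canonical_salt": key_for_name(password, realm, alias,
                                                  explicit_salt=canon_salt)
        == canon_key,
    }


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    result = alias_keys_match("correct horse battery", "EXAMPLE.COM",
                              "host/www.example.com", "HTTP/web-alias.example.com")
    print(result)  # alias only matches when the canonical salt is supplied
```

The first PBKDF2 test vector in RFC 3962 Appendix B (one iteration, passphrase "password", salt "ATHENA.MIT.EDUraeburn") is a convenient check that `default_salt` and `aes_pbkdf2_key` agree with the specification.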
