Replaying and server side caching.

Nicolas Williams Nicolas.Williams at
Fri Apr 11 12:41:22 EDT 2003

On Fri, Apr 11, 2003 at 11:55:53AM -0400, Derek Atkins wrote:
> Tom Yu <tlyu at MIT.EDU> writes:
> > The TGT response won't do an attacker much good without the session
> > key.
> Except that an AS-REP is encrypted in the user's long-term key,
> which allows for an offline dictionary attack.

Except that if the attacker has an AS-REQ with valid enc-timestamp
pre-auth to replay then the attacker has material encrypted in the
user's long term key and can already mount an offline dictionary attack
(and if pre-auth is not required then the attacker can always get a
ticket encrypted in the user's long term key without having to capture
and replay any AS-REQs).

Though I suppose that it might be easier to mount a dictionary attack
against an AS-REP's enc-part than against a pa-enc-timestamp.  Is it?


More information about the krbdev mailing list