Replaying and server side caching.
Derek Atkins
warlord at MIT.EDU
Fri Apr 11 12:47:32 EDT 2003
Nicolas Williams <Nicolas.Williams at sun.com> writes:
> On Fri, Apr 11, 2003 at 11:55:53AM -0400, Derek Atkins wrote:
> > Tom Yu <tlyu at MIT.EDU> writes:
> > > The TGT response won't do an attacker much good without the session
> > > key.
> >
> > Except that an AS-REP is encrypted in the user's long-term key,
> > which allows for an offline dictionary attack.
>
> Except that if the attacker has an AS-REQ with valid enc-timestamp
> pre-auth to replay then the attacker has material encrypted in the
> user's long term key and can already mount an offline dictionary attack
> (and if pre-auth is not required then the attacker can always get a
> ticket encrypted in the user's long term key without having to capture
> and replay any AS-REQs).
True...
> Though I suppose that it might be easier to mount a dictionary attack
> against an AS-REP's enc-part than against a pa-enc-timestamp. Is it?
I think there is more known plaintext in the AS-REP enc-part,
but I'm not sure..
> Nico
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
More information about the krbdev
mailing list