need project review

Jeffrey Hutzelman jhutz at
Mon Apr 7 17:41:57 EDT 2008

--On Monday, April 07, 2008 08:50:13 PM +0100 Tim Alsop 
<Tim.Alsop at CyberSafe.Com> wrote:

> Nico,
> The point I am trying to make is if you use a stash file you only need
> to keep the LATEST master key, but if you use a keytab (as somebody
> suggested in an earlier email) you would store the latest, as well as
> all previous master keys. Our product stores all master keys in the DB
> and encrypts them all with the latest master key, so we have some added
> protection of the master keys. As you know, keys in a keytab file are
> not encrypted so the keytab could be stolen to obtain the actual master
> keys. Yes, the stash file could also be stolen, but at least it would
> only contain the later master key, and not all of them.

Ah, but if I break into your KDC, I plan on stealing the database, not just 
the stash file.  If I don't steal the database, I don't have anything, 
because the only thing the master key is used for is encrypting long-term 
keys stored in the database.  If I _do_ steal the database, then it doesn't 
really matter whether you stored old master keys in the database or in a 
separate file, does it?

FWIW, I would point out that MIT Kerberos has supported prompting for the 
master password at startup at least since the betas I was using 10+ years 

-- Jeff

More information about the krbdev mailing list