Behavior change of krb5_rd_req: what error to return

Sam Hartman hartmans at MIT.EDU
Thu Dec 4 09:13:46 EST 2008

>>>>> "John" == John Hascall <john at> writes:

    >> It seems like a very bad idea to have two principals that share
    >> the same key and are not aliases.

    John>   This raises the question of the Birthday Paradox -- do we
    John> believe that the sizes of all key types (DES at 56 would be
    John> the smallest?) available in Kerberos are large enough that
    John> any expected installation of it would not have enough keys
    John> that two randomly generated ones are "likely" to colide?
Yes.  However the security problem is inherent and already exists
independent of this proposed change.  Kerbero's security depends on
only the expected parties knowing the secret:-)

There are a variety of somewhat different attacks one could mount if
two users had the same key.  For example, a user could impersonate any
service including the KDC itself to another user who had the same
secret key.


More information about the krbdev mailing list