Kerberos question
Blaz Primc
expertmeant at gmail.com
Sat Apr 17 14:36:17 EDT 2010
Hi,
Reading http://www.bsdlover.cn/?uid-129-action-viewspace-itemid-855 got
me thinking. In the article the author states:
*One part contains the random key along with the service's name,
encrypted with the user's long-term key; the other part contains that
same random key along with the user's name, encrypted with the service's
long-term key.*
Couldn't an attacker do a known-plaintext attack on the second part of
the message, because he knows what the "random key" is, and by doing that
acquire the service's long-term key...?
I may be missing something, because the description is general, but how
does Kerberos handle that?
Best regards, Blaž
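
Added example, not part of the original message and not code from any Kerberos implementation: a model of the two-part reply quoted above, in which the client knows the random key and its own name (the plaintext the question refers to) yet cannot open the part sealed under the service's long-term key. The HMAC-based seal/unseal stand-in cipher, the JSON encoding and the names alice and host/fileserver are assumptions for illustration.

```python
import hashlib, hmac, json, os

# Stand-in cipher (assumption): HMAC-SHA256 keystream plus an HMAC tag, stdlib only.
# It only models "encrypted under long-term key K"; it is not a Kerberos enctype.
def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, obj):
    pt = json.dumps(obj, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered message")
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))
    return json.loads(pt)

def kdc_reply(user, service, user_key, service_key):
    # The same random key goes into both parts, as in the quoted description.
    session_key = os.urandom(16).hex()
    part_for_user = seal(user_key, {"key": session_key, "service": service})
    ticket = seal(service_key, {"key": session_key, "user": user})
    return part_for_user, ticket

def demo():
    user_key, service_key = os.urandom(32), os.urandom(32)  # constructed long-term keys
    user_part, ticket = kdc_reply("alice", "host/fileserver", user_key, service_key)
    mine = unseal(user_key, user_part)       # client learns the random key
    try:
        unseal(user_key, ticket)             # client tries the second part with its own key
        client_opened_ticket = True
    except ValueError:
        client_opened_ticket = False
    theirs = unseal(service_key, ticket)     # service recovers the same key and the user name
    return mine, theirs, client_opened_ticket

if __name__ == "__main__":
    print(demo())
```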