Kerberos question

Greg Hudson ghudson at MIT.EDU
Wed Apr 21 17:09:50 EDT 2010

On Sat, 2010-04-17 at 14:36 -0400, Blaz Primc wrote:
> Couldn't an attacker do a known-plain-text attack on the second part of 
> the message, because he knows what the "random key" is and by doing that 
> acquire the service's long term key...?

By "known-plain-text attack" you mean a brute-force key search?

More information about the krbdev mailing list