Kerberos question

Blaz Primc expertmeant at
Thu Apr 22 03:21:38 EDT 2010

Yes, by brute force.

And by an attacker, I mean the legitimate user that requested the ticket 
from KDC.

Best regards, Blaž

On 21/04/10 23:09, Greg Hudson wrote:
> On Sat, 2010-04-17 at 14:36 -0400, Blaz Primc wrote:
>> Couldn't an attacker do a known-plain-text attack on the second part of
>> the message, because he knows what the "random key" is and by doing that
>> acquire the service's long term key...?
> By "known-plain-text attack" you mean a brute-force key search?

More information about the krbdev mailing list