Question about FAST

Greg Hudson ghudson at MIT.EDU
Sat Jun 26 01:37:14 EDT 2010


On Fri, 2010-06-25 at 23:55 -0400, kristian wrote:
> 1. How can we prove the vulnerability of 
> Kerberos protocol without FAST pre-authentication implemented?

I haven't personally tried to do this, so I'm not sure why John the
Ripper wouldn't be working.  Note that if your user principals require
preauth, you'd want to attack the second AS-REQ or second AS-REP; if
they don't require preauth, you'd want to attack the first AS-REP.

>  How is FAST implemented in Kerberos really ? I mean, in what file or 
> what section script of FAST included in Kerberos has installed and how is it enabled?

The client code lives in lib/krb5/krb/fast.c, with hooks invoking those
functions in get_in_tkt.c.  The KDC code lives in kdc/kdc_util.c, with
calls to it in do_as_req.c and do_tgs_req.c.

No KDC configuration is required to enable FAST, beyond requiring
preauth on your user principals.  (There is currently no way to require
FAST for such principals, or to remove encrypted timestamp from the
preauth hint list.)

On the client side, the application must supply an armor ccache in order
to use FAST.  This will likely change when we support anonymous pkinit
armor, but for the moment the only way to productively use FAST is with
an existing ccache--ideally one obtained using a strong key, such as the
host key.  (Any ccache containing a TGT can be used, however.)  For
one-off testing, the easiest way to observe FAST is with kinit's -T
flag, passing it the name of an existing ccache.

One can integrate FAST with a Unix login system using the most recent
release of pam_krb5
(http://www.eyrie.org/~eagle/software/pam-krb5/pam-krb5.html) in
combination with a program like k5start to maintain the armor ccache
using the host keytab.

If you're adventurous enough to use trunk code (the stuff destined to
become krb5 1.9), you can use KRB5_TRACE to get a little insight into
what's going on.  For instance, here's a little demo:

equal-rites$ cd /me/krb5/build
equal-rites$ make testrealm
[...]

Realm files are in /me/krb5/build/testdir
KRB5_CONFIG is /me/krb5/build/testdir/krb5.master.conf
KRB5_KDC_PROFILE is /me/krb5/build/testdir/kdc.master.conf
KRB5CCNAME is /me/krb5/build/testdir/ccache
KRB5_KTNAME is /me/krb5/build/testdir/keytab
KRB5RCACHEDIR is /me/krb5/build/testdir
Password for user is user29549 (see also testdir/passwords)
Password for admin is admin29549

equal-rites$ kinit user
Password for user at KRBTEST.COM: 
equal-rites$ kadmin.local
Authenticating as principal user/admin at KRBTEST.COM with password.
kadmin.local:  modprinc +requires_preauth user
Principal "user at KRBTEST.COM" modified.
kadmin.local:  q
equal-rites$ KRB5_TRACE=/dev/stdout kinit -T testdir/ccache user
[29571] 1277530221.745429: Getting initial credentials for user at KRBTEST.COM
[29571] 1277530221.747239: FAST armor ccache: testdir/ccache
[29571] 1277530221.747314: Retrieving user at KRBTEST.COM -> krb5_ccache_conf_data/fast_avail/krbtgt\/KRBTEST.COM\@KRBTEST.COM at X-CACHECONF: from FILE:testdir/ccache with result: 0/success
[29571] 1277530221.747321: Read config in FILE:testdir/ccache for krbtgt/KRBTEST.COM at KRBTEST.COM: fast_avail: yes
[29571] 1277530221.747325: Using FAST due to armor ccache negotiation result
[29571] 1277530221.747341: Getting credentials user at KRBTEST.COM -> krbtgt/KRBTEST.COM at KRBTEST.COM using ccache FILE:testdir/ccache
[29571] 1277530221.747376: Retrieving user at KRBTEST.COM -> krbtgt/KRBTEST.COM at KRBTEST.COM from FILE:testdir/ccache with result: 0/success
[29571] 1277530221.747394: Armor ccache sesion key: aes256-cts/010E
[29571] 1277530221.747446: Creating authenticator for user at KRBTEST.COM -> krbtgt/KRBTEST.COM at KRBTEST.COM, seqnum 0, subkey aes256-cts/6684, session key aes256-cts/010E
[29571] 1277530221.747577: FAST armor key: aes256-cts/DB44
[29571] 1277530221.747596: Encoding request body and padata into FAST request
[29571] 1277530221.747680: Sending request (969 bytes) to KRBTEST.COM
[29571] 1277530221.747975: Sending initial UDP request to dgram 127.0.1.1:61000
[29571] 1277530221.748588: Received answer from dgram 127.0.1.1:61000
[29571] 1277530221.748600: Response was not from master KDC
[29571] 1277530221.748614: Received error from KDC: -1765328359/Additional pre-authentication required
[29571] 1277530221.748624: Decoding FAST response
[29571] 1277530221.748693: Processing preauth types: 136, 19, 13, 138, 133, 137
[29571] 1277530221.748704: Selected etype info: etype aes256-cts, salt "(null)", params ""
[29571] 1277530221.748708: Received cookie: MIT
Password for user at KRBTEST.COM: 
[29571] 1277530246.424224: Preauth module Encrypted Challenge (138) (flags=1) returned: 0/success
[29571] 1277530246.424239: Produced preauth for next request: 133, 138
[29571] 1277530246.424245: Encoding request body and padata into FAST request
[29571] 1277530246.424346: Sending request (1068 bytes) to KRBTEST.COM
[29571] 1277530246.424499: Sending initial UDP request to dgram 127.0.1.1:61000
[29571] 1277530246.428405: Received answer from dgram 127.0.1.1:61000
[29571] 1277530246.428425: Response was not from master KDC
[29571] 1277530246.428461: Decoding FAST response
[29571] 1277530246.428547: Processing preauth types: 19, 138
[29571] 1277530246.428562: Selected etype info: etype aes256-cts, salt "(null)", params ""
[29571] 1277530246.428615: Preauth module Encrypted Challenge (138) (flags=1) returned: 0/success
[29571] 1277530246.428626: Produced preauth for next request: (empty)
[29571] 1277530246.428636: Salt derived from principal: KRBTEST.COMuser
[29571] 1277530246.428666: AS key determined by preauth: aes256-cts/00B2
[29571] 1277530246.428699: FAST reply key: aes256-cts/225F
[29571] 1277530246.428748: Decrypted AS reply; session key is: aes256-cts/8B19
[29571] 1277530246.428779: FAST negotiation: available
[29571] 1277530246.428808: Initializing FILE:/me/krb5/build/testdir/ccache with default princ user at KRBTEST.COM
[29571] 1277530246.428917: Removing user at KRBTEST.COM -> krbtgt/KRBTEST.COM at KRBTEST.COM from FILE:/me/krb5/build/testdir/ccache
[29571] 1277530246.428931: Storing user at KRBTEST.COM -> krbtgt/KRBTEST.COM at KRBTEST.COM in FILE:/me/krb5/build/testdir/ccache
[29571] 1277530246.428994: Storing config in FILE:/me/krb5/build/testdir/ccache for krbtgt/KRBTEST.COM at KRBTEST.COM: fast_avail: yes
[29571] 1277530246.429030: Removing user at KRBTEST.COM -> krb5_ccache_conf_data/fast_avail/krbtgt\/KRBTEST.COM\@KRBTEST.COM at X-CACHECONF: from FILE:/me/krb5/build/testdir/ccache
[29571] 1277530246.429045: Storing user at KRBTEST.COM -> krb5_ccache_conf_data/fast_avail/krbtgt\/KRBTEST.COM\@KRBTEST.COM at X-CACHECONF: in FILE:/me/krb5/build/testdir/ccache
equal-rites$ 
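
Added example, not part of the original message and not krb5 project code: since the KDC cannot require FAST, one way to confirm that a login was armored is to parse the client's KRB5_TRACE output and check that the request was FAST-wrapped and answered with Encrypted Challenge (138) rather than encrypted timestamp (2). The function name `audit_trace` and both sample traces are constructed for illustration; the unarmored sample assumes the same line wording as the trace above.

```python
import re

# Constructed sample: abridged lines in the KRB5_TRACE format shown above.
SAMPLE_FAST = """\
[29571] 1277530221.747239: FAST armor ccache: testdir/ccache
[29571] 1277530221.747596: Encoding request body and padata into FAST request
[29571] 1277530221.748693: Processing preauth types: 136, 19, 13, 138, 133, 137
[29571] 1277530246.424239: Produced preauth for next request: 133, 138
[29571] 1277530246.428779: FAST negotiation: available
"""
# Constructed sample of an unarmored exchange (line wording is an assumption).
SAMPLE_PLAIN = """\
[30001] 1277530300.000100: Processing preauth types: 136, 19, 2, 133
[30001] 1277530300.000200: Produced preauth for next request: 2
"""

PA_ENC_TIMESTAMP = 2          # encrypted timestamp preauth
PA_ENCRYPTED_CHALLENGE = 138  # FAST encrypted challenge preauth

# "[pid] seconds.micros: message"
LINE = re.compile(r"^\[(\d+)\] (\d+\.\d+): (.*)$")

def _types(text):
    """Extract the numeric preauth types from a comma-separated list."""
    return {int(t) for t in re.findall(r"\d+", text)}

def audit_trace(trace):
    """Summarise whether a kinit trace shows an armored AS exchange."""
    r = {"armor_ccache": None, "fast_requests": 0,
         "offered": set(), "sent": set()}
    for raw in trace.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # shell prompts, password prompts, blank lines
        msg = m.group(3)
        if msg.startswith("FAST armor ccache: "):
            r["armor_ccache"] = msg.split(": ", 1)[1]
        elif msg.startswith("Encoding request body and padata into FAST request"):
            r["fast_requests"] += 1
        elif msg.startswith("Processing preauth types: "):
            r["offered"] |= _types(msg.split(": ", 1)[1])
        elif msg.startswith("Produced preauth for next request: "):
            r["sent"] |= _types(msg.split(": ", 1)[1])
    # Armored: at least one FAST-wrapped request and Encrypted Challenge sent.
    r["armored"] = r["fast_requests"] > 0 and PA_ENCRYPTED_CHALLENGE in r["sent"]
    # Encrypted timestamp sent means the password-derived key was used unarmored.
    r["timestamp_exposed"] = PA_ENC_TIMESTAMP in r["sent"]
    return r
```
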





