clock skew and preauth

Greg Hudson ghudson at MIT.EDU
Sun Apr 15 18:37:56 EDT 2012

On 04/05/2012 12:31 PM, Stef Walter wrote:
> Attached is a patch which:
>  * Stores a timestamp offset in krb5_clpreauth_rock when preauth is
>    requested, and uses it during preauth encrypted timestamp.
>  * Exposes a new callback for client preauth plugins. Suggested
>    by Greg.
>  * Refactors krb5_us_timeofday() so we don't copy paste around
>    the offset calculation code.
>  * Uses an offset because of the prompting delay problem [1]
>  * Only enables preauth offsets if kdc_timesync != 0.

I have one concern about this approach, which is that an attacker could
create a false log entry for a successful preauthentication on the KDC
by forging the timestamp in a preauth-required error.  That is, you
attempt to kinit at noon; I forge a timestamp of 11pm in the
preauth-required error and capture your preauthenticated request; then
at 11pm I send that request to the KDC to make it look like you
authenticated at that time.

This isn't necessarily a serious enough vulnerability to worry about
(when the alternative is for preauth to just fail with skewed clocks),
but I want to raise the issue before taking the patch.

More information about the krbdev mailing list