On 10/09/2013 01:12 PM, Rick van Rein (OpenFortress) wrote:
> Hi HJ,
>
> Thanks!
>
>> The plain network traffic between client and KDC is vulnerable to dictionary
>> attacks on weak user passwords.
> If I understand you correctly, you are saying that the packets themselves
> provide information suitable to build dictionary attacks, and unlike the KDC
> which could fend off heavy queries, this is not the case after a login packet
> has been observed.
>
> Please forgive me for not knowing the protocols yet -- it's only been 3
> (intensive) weeks of Kerberos for me.

The vulnerability I mean is explained here, for example:
http://www.windowsdevcenter.com/pub/a/windows/excerpt/swarrior_ch14/index1.html

>
> This sounds like an SRP-based scheme would make a lot of sense to the
> exchange with the KDC.
> Except that it isn't standardised AFAIK, and TLS is. Your point is clear.
>
>> There are already tunneling mechanisms available for MIT Kerberos
>> like PKINIT and FAST but I find them rather complicated to implement.
> Are you missing documentation perhaps? Wouldn't surprise me, I've also
> missed guidance.
>
>> TLS would make things definitely easier. The GNU Kerberos solution shishi
>> has support for TLS for example.
> TLS makes things easier to administer, except for certificate juggling and
> modern DANE requirements, but I don't like its footprint of network traffic
> and verification time. That's the reason I asked -- curiosity about pros.
>

I would also be lucky to hear about any alternatives to the use of
client/server certificates.

Hans-Juergen
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
