Adding the IETF krb-wg to the distribution.
-----Original Message-----
From: Theodore Tso [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 31, 2002 9:54 PM
To: Andreas Hasenack
Cc: [EMAIL PROTECTED]
Subject: Re: Paper about kerberos' password security

On Thu, Jan 31, 2002 at 10:03:34AM -0200, Andreas Hasenack wrote:
> I'm sure at least the developers have read Thomas Wu's paper[1] titled
> "A Real-World Analysis of Kerberos Password Security". Weak user
> passwords are not a new problem.
>
> Basically, he says that a dictionary attack can be quite effective,
> and cracked over 2,000 passwords in two weeks on a 25k user kerberos
> realm (and over 50% were 8 characters in length). Using pre-auth with
> timestamp doesn't make things look much better, one can still sniff the
> network and make the same attack.

According to the folks at Stanford, they were kinda miffed about his paper, in that he made some statements that could be considered intellectually dishonest. Yes, he did crack over 2,000 passwords in two weeks, and yes, this was with a password quality checker on the adminserver in place. But what he failed to disclose was that the password quality check had only recently been installed, and most of the passwords which he caught would have been rejected by the password quality checker. So would he have gotten such impressive results if he had done the test only on passwords that had been vetted by the password quality checker? That's very unclear.

At the time, the author did not disclose that the technique he was pushing was patented, and although (he and Stanford) later made some limited modes of SRP freely available under a patent license, that wasn't the case at the time, and so at least some people questioned whether his paper was simply a white paper trying to sell a technique that he was trying to make money on.
It should be noted that since then, although Thomas Wu and Stanford have made it available (thus neutralizing the previous concern), there are other potential patent complications with using SRP, including the Lucent EKE patent, and possibly the SPEKE patent as well. (The SPEKE patent has incredibly broad claims, and while a patent attorney might be able to argue that they are overly broad, trying to litigate any kind of patent claim once the patent is issued is incredibly expensive, even if the patent claims are pretty clearly a complete abuse of the patent system.)

As a result, I would strongly encourage folks who are interested in things like SRP to take a page from DVD players like xine, and define a plug-in architecture so that shared libraries can contain the SRP (or other password authentication and/or preauthentication) code. That way, the base distribution of the software can be distributed without any worries about patent entanglements, and software components can be distributed in the parts of the free world where software/algorithm patents aren't an issue. Individual users can then decide on their own whether or not they feel comfortable grabbing the plug-in module (or not) depending on what their read on the legal situation is, and whether or not they believe they are judgement proof.

Aren't software patents fun?

- Ted

________________________________________________
Kerberos mailing list
[EMAIL PROTECTED]
http://mailman.mit.edu/mailman/listinfo/kerberos
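The message turns on the password quality checker in front of the admin server, and on the claim that most of the cracked passwords would have been rejected by it. The following is an added illustration, not code from this thread, from MIT Kerberos, or from Stanford: a small checker that rejects the kinds of passwords a dictionary run picks up first (short, single-class, a word with digits or symbols tacked on, a word with letter-for-symbol substitutions, a reversed word, or the principal's own name). The word list, the substitution table and the length and class thresholds are constructed for the example; a real deployment would load a large dictionary and plug the check into the KDC's password-change path.

```python
import string

# Constructed mini-dictionary for illustration; a deployed checker would load
# a large word list (and site-specific terms) instead.
DICTIONARY = {"password", "kerberos", "stanford", "secret", "welcome",
              "dragon", "letmein", "qwerty"}

# Assumed substitution table: symbols/digits that crackers commonly try in
# place of letters, mapped back to the letter they stand for.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})

AFFIX_CHARS = string.digits + string.punctuation   # trimmed from the ends
MIN_LENGTH = 12      # assumed policy threshold
MIN_CLASSES = 3      # assumed policy threshold (lower, upper, digit, symbol)


def candidate_words(password):
    """Forms of the password a dictionary run would try alongside the
    word list: lower-cased, with leading/trailing digits and punctuation
    trimmed, with common substitutions undone, and each of those reversed."""
    lower = password.lower()
    forms = {lower, lower.strip(AFFIX_CHARS)}
    forms |= {f.translate(LEET) for f in list(forms)}
    forms |= {f[::-1] for f in list(forms)}
    return {f for f in forms if f}


def char_classes(password):
    """Count how many of the four character classes the password uses."""
    return (any(c.islower() for c in password)
            + any(c.isupper() for c in password)
            + any(c.isdigit() for c in password)
            + any(c in string.punctuation for c in password))


def check_password(password, principal, dictionary=DICTIONARY):
    """Return the list of policy violations for a proposed password.

    An empty list means the password passes.  `principal` is the Kerberos
    principal the password is for, e.g. "alice@EXAMPLE.ORG" or
    "alice/admin@EXAMPLE.ORG" (constructed names)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    if char_classes(password) < MIN_CLASSES:
        problems.append("few_classes")
    if candidate_words(password) & dictionary:
        problems.append("dictionary")
    # Primary name only: strip the realm and any instance component.
    user = principal.split("@", 1)[0].split("/", 1)[0].lower()
    if user and user in password.lower():
        problems.append("principal")
    return problems


if __name__ == "__main__":
    for pw, princ in [("Secret99", "alice@EXAMPLE.ORG"),
                      ("S3cr3t!2002", "bob@EXAMPLE.ORG"),
                      ("drowssap2024", "carol/admin@EXAMPLE.ORG"),
                      ("Alice2002!xyz", "alice@EXAMPLE.ORG"),
                      ("correct-Horse-battery-7", "dave@EXAMPLE.ORG")]:
        print(f"{pw!r:28} -> {check_password(pw, princ) or 'ok'}")
```

Each rejection reason corresponds to one of the cheap transformations a dictionary cracker applies before moving on to brute force, so a realm whose passwords have all passed a check like this has taken away the low-hanging part of the result Wu reported; whether that is "most" of it, as the message suggests, depends on how long the check has been enforced before the audit.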
