>>>>> "Christoph" == Christoph Riesenberger <[EMAIL PROTECTED]> writes:
Christoph> Kerberos, I think, uses the Needham Schoeder protocol for Christoph> key exchange. In 1995, Gavin Lowe has found an attack on Christoph> this protocol. Is Kerberos now insecure, or has this been Christoph> already patched? Kerberos doesn't use symmetric-key Needham-Schroeder directly; it has been modified to use timestamps to avoid a freshness problem found by Burrows et al. in the BAN logic paper. Also, Lowe's attack was on public-key Needham-Schroeder, if I recall correctly. ---Tom ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
