"Tom Yu" <[EMAIL PROTECTED]> schrieb... > Kerberos doesn't use symmetric-key Needham-Schroeder directly; it has > been modified to use timestamps to avoid a freshness problem found by > Burrows et al. in the BAN logic paper. Also, Lowe's attack was on > public-key Needham-Schroeder, if I recall correctly.
Thanks, Tom. This means, Lowe's attack doesn't touch kerberos!? 2 other questions: Kerberos uses symmetric keys. How can it guarantee, that a message/ticket was not altered (integrity)? How does logout work? I really looked around but found no answers. Chris ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
