Srinivas Kakde <[EMAIL PROTECTED]> writes:

> Is this right? How does it not fail mutual authentication?
>
> Does not mutual authentication require the exchange of AP-REQ and AP-REP?
> How would a malicious service (a service that is pretending to be another
> service in the realm) acquire the session key from the ticket in the
> AP-REQ (from a client) to produce the EncAPRepPart of the AP-REP unless
> it has the right key in its keytab?

It tells the client to authenticate to a principal that's under the control of the attacker. The client then obtains a valid Kerberos authenticator for a principal that has nothing to do with the site that the client was intending to connect to, but which the attacker has the key for. If the client accepts the server's word for what the principal should be, there's no way to prevent this.

> If a service advertises a service principal name and a client is able to
> use this name and obtain a valid AP-REQ, I think:
>
> 1) KDC/TGS must have an entry for the name (so that clients can obtain a
> service ticket for the AP-REQ)
>
> 2) Service must have the key that matches the name in its keytab (so it
> can extract the session key from the service ticket and produce AP-REQ).
>
> If you can (1) create an account on KDC/TGS and (2) create a keytab on the
> service host with the correct key to decrypt service tickets, you would
> need to be realm admin. Therefore not malicious?

Why would you need to be realm admin to have an entry in the KDC? Every single user at Stanford has an entry in the KDC for their own individual account, for example, which they could use to spoof any service at Stanford under this authentication model. Leaving aside cross-realm trust.

-- 
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>

________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
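The trust-model point in the exchange above, as an added worked example that is not part of the original thread or of any Kerberos implementation: a toy model of the AP-REQ/AP-REP round trip in which every realm principal (users included) has a key at the KDC, so any account holder can run a peer that answers for its own principal. The "encryption" is a constructed sha256 keystream with an HMAC tag, just enough to capture who holds which key; the principal names, the client name `alice` and the user account `mallory` are assumptions for the demonstration. The client-side check it illustrates is that the target principal must come from what the client intended to connect to (here `host/www.example.com`), not from the name the peer advertises.

```python
"""Toy model of Kerberos AP-REQ / AP-REP (constructed example, not a real
Kerberos library).  Shows that mutual authentication succeeds against
whichever principal the client asked a ticket for, so a client that lets
the peer choose that name authenticates a user-controlled principal."""
import hashlib
import hmac
import os
from typing import Optional

TAG_LEN = 32
KEY_LEN = 32


def _keystream(key: bytes, n: int) -> bytes:
    # Stand-in for a real cipher: sha256(key || counter) blocks.
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def seal(key: bytes, data: bytes) -> bytes:
    """XOR with a key-derived stream, then append an HMAC tag (encrypt-then-MAC)."""
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> Optional[bytes]:
    """Return the plaintext, or None when the tag does not verify (wrong key)."""
    ct, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))


class KDC:
    """One long-term key per principal; any registered principal is a valid ticket target."""

    def __init__(self) -> None:
        self.keys: dict[str, bytes] = {}

    def register(self, principal: str) -> bytes:
        self.keys[principal] = os.urandom(KEY_LEN)
        return self.keys[principal]

    def service_ticket(self, client: str, service: str):
        # TGS-REQ/TGS-REP collapsed: the client is assumed to hold a valid TGT already.
        session = os.urandom(KEY_LEN)
        ticket = seal(self.keys[service], f"{service}|{client}|".encode() + session)
        return session, ticket


class Endpoint:
    """A network peer holding the keytab entry for exactly one principal."""

    def __init__(self, principal: str, key: bytes, advertise: Optional[str] = None) -> None:
        self.principal, self.key = principal, key
        self.advertised = advertise or principal  # the name it tells clients to use

    def handle_ap_req(self, ticket: bytes, authenticator: bytes) -> Optional[bytes]:
        plain = unseal(self.key, ticket)
        if plain is None:
            return None  # ticket was not issued for our principal: no session key, no AP-REP
        session = plain[-KEY_LEN:]
        ts = unseal(session, authenticator)
        if ts is None:
            return None
        return seal(session, ts)  # EncAPRepPart: echo the client's timestamp under the session key


def connect(kdc: KDC, client: str, peer: Endpoint, expected: str, trust_advertised: bool):
    """Run the exchange; returns ("ok", principal_authenticated) or ("failed", None)."""
    target = peer.advertised if trust_advertised else expected
    session, ticket = kdc.service_ticket(client, target)
    ts = b"20240101000000Z"  # constructed authenticator timestamp
    ap_rep = peer.handle_ap_req(ticket, seal(session, ts))
    if ap_rep is None or unseal(session, ap_rep) != ts:
        return ("failed", None)
    return ("ok", target)  # mutual auth passed: the peer proved it holds the key for `target`


def demo() -> dict:
    kdc = KDC()
    www = Endpoint("host/www.example.com", kdc.register("host/www.example.com"))
    # An ordinary user account is also a KDC entry; no realm-admin rights involved.
    mallory = Endpoint("mallory", kdc.register("mallory"))
    expected = "host/www.example.com"
    return {
        "legit": connect(kdc, "alice", www, expected, trust_advertised=False),
        "spoof_trusting": connect(kdc, "alice", mallory, expected, trust_advertised=True),
        "spoof_pinned": connect(kdc, "alice", mallory, expected, trust_advertised=False),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

In the `spoof_trusting` case the AP-REP verifies correctly, so the client's mutual-authentication check passes, but it has authenticated to `mallory`, a principal unrelated to the site it meant to reach. With the expected principal pinned from the client's own configuration, the same peer cannot decrypt the ticket and the exchange fails.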
