I was reading up a bit on the history of pre-authentication after hearing a speaker I generally put all faith into mention something about pre-auth which I didn't think was accurate (namely that its use was to help determine available encryption types... something which I can find no evidence of).
In any event, my understanding is that pre-auth is used to prevent an entity from requesting a TGT without credentials and therefore not being able to brute force the encryption. However, there are tools out there which are able to also perform brute-force attacks against the pre-auth timestamp. In order to do this, however, it would require the ability to listen on the wire between a client and a KDC. Something that may be trivial in certain circumstances (compromising a single application box could provide a sniff of all users authenticating to the KDC). That being said, assuming that all traffic to the KDC is encrypted, pre-authentication would seem to be superior as I can't request a ticket without credentials from an insecure location. If, however, we assume that all traffic between a client and a KDC may be compromised, is pre-authentication superior? We don't even need to make repeated attempts for a pre-auth required, we simply need to listen on the wire for when users authenticate. Isn't a known entity like a UTC timestamp easier to brute force against than the encrypted TGT?

________________________________________________
Kerberos mailing list
Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
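The post above distinguishes two exposures: principals that can be asked for a TGT without credentials (pre-auth not required) and the brute-force value of whatever is encrypted under the user's long-term key. An added defender-side example, not part of the original message or of MIT krb5 itself: a small audit that parses `kadmin getprinc` output and flags principals lacking the `REQUIRES_PRE_AUTH` attribute or holding keys in weak enctypes. The sample output below is constructed, not captured from a real KDC.

```python
from typing import Dict, List, Set

# Constructed sample of `kadmin.local -q "getprinc <principal>"` output for two
# principals, concatenated. Field layout follows MIT krb5's getprinc format;
# the principal names and values are made up for this example.
SAMPLE_GETPRINC = """\
Principal: alice@EXAMPLE.COM
Expiration date: [never]
Number of keys: 2
Key: vno 3, aes256-cts-hmac-sha1-96
Key: vno 3, aes128-cts-hmac-sha1-96
Attributes: REQUIRES_PRE_AUTH
Policy: [none]
Principal: legacy-svc@EXAMPLE.COM
Expiration date: [never]
Number of keys: 2
Key: vno 1, aes256-cts-hmac-sha1-96
Key: vno 1, arcfour-hmac
Attributes:
Policy: [none]
"""

# Enctypes whose keys are cheap to brute force offline once any ciphertext
# under them is captured (the concern raised in the post). Assumed list.
WEAK_ENCTYPES: Set[str] = {"arcfour-hmac", "des-cbc-crc", "des-cbc-md5", "des3-cbc-sha1"}


def parse_getprinc(text: str) -> List[Dict[str, object]]:
    """Split concatenated getprinc output into one record per principal."""
    records: List[Dict[str, object]] = []
    current = None
    for line in text.splitlines():
        if line.startswith("Principal: "):
            current = {"principal": line.split(": ", 1)[1], "keys": [], "attributes": set()}
            records.append(current)
        elif current is None:
            continue  # text before the first Principal: line is ignored
        elif line.startswith("Key: "):
            # "Key: vno N, <enctype>" or "Key: vno N, <enctype>:<salttype>"
            current["keys"].append(line.split(", ", 1)[1].split(":", 1)[0])
        elif line.startswith("Attributes:"):
            current["attributes"] = set(line[len("Attributes:"):].split())
    return records


def audit_preauth(text: str) -> Dict[str, List[str]]:
    """Return {principal: [issues]} for principals with an exposure worth fixing."""
    findings: Dict[str, List[str]] = {}
    for rec in parse_getprinc(text):
        issues = []
        if "REQUIRES_PRE_AUTH" not in rec["attributes"]:
            issues.append("pre-auth not required: AS-REP obtainable without credentials")
        weak = sorted(k for k in rec["keys"] if k in WEAK_ENCTYPES)
        if weak:
            issues.append("keys in weak enctypes: " + ", ".join(weak))
        if issues:
            findings[rec["principal"]] = issues
    return findings
```

On a real KDC, feed the script the output of `kadmin.local -q "getprinc <name>"` for each principal listed by `listprincs`; a principal reported here should get `modprinc +requires_preauth` and a key change to modern enctypes.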