Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
NDSS
1999
IEEE
1999
IEEE
A Real-World Analysis of Kerberos Password Security
Kerberos is a distributed authentication system that many organizations use to handle domain-wide password security. Although it has been known for quite some time that Kerberos is vulnerable to brute-force password searches, there has so far been little analysis of the scope and extent of this vulnerability. This paper discusses the nature of this weakness in detail and attempts to quantify the severity of the danger it poses to existing Kerberized installations. The results of a controlled experiment, in which a large number of passwords from a Kerberos realm were broken o -line and subjected to analysis, will be presented. The author explores possible strategies for repairing this security hole, the most viable of which is the use of Kerberos V5 preauthentication coupled with a secure password authentication protocol such as SRP, SPEKE, or EKE.
Real-time TrafficBrute-force Password Searches | Computer Networks | Domain-wide Password Security | NDSS 1999 | Password |
| Added | 04 Aug 2010 |
| Updated | 04 Aug 2010 |
| Type | Conference |
| Year | 1999 |
| Where | NDSS |
| Authors | Thomas D. Wu |
Comments (0)
Researcher Info
|
