The Key Generation and Distribution Model Used



next up previous contents
Next: The Composition of Up: Kerberos Previous: The Areas of

The Key Generation and Distribution Model Used

The secret keys for users are generated based on a one-way function of the users' password. This is done so that the user is not required to remember a very long number (the secret key). However this creates a vulnerability for discovering the password. The user's secret key is used to encrypt the session key to be used between the user and the ticket-granting-service and clientname, servername, timestamps, etc. The vulnerability is created because this information, when decrypted, results in plaintext. Since the keyspace for a user's key can be considered smaller than all possible DES keys (because it is based on the user's password, a limited pool to choose from) an imposter could capture a response from the ticket-granting-service to the user, and perform a dictionary attack to generate the correct key. The correct key (and thus password) is found when the message decrypts into readable form. Kerberos Version 5 has made provisions for the use of smartcards or tokens that can be used to store a user's key, thus eliminating the need generating the user's key based on his password.

The key distribution model used in Kerberos is based on the Needham and Schroeder key distribution protocols, modified with the addition of timestamps [SMS87, p.7]. A tutorial paper by Voydock and Kent provides an introduction to the topic and explains the timestamp modifications.



John Barkley
Fri Oct 7 16:17:21 EDT 1994