On Nov 1, 2006, at 12:14, Nali Miah wrote: > So, with this in mind, if somebody manages to get a copy of the key > in the > key table file (it's not important how, but imagine if they did), > they could > use this key to decrypt a service ticket as it is transmitted > across the > network inside a gss token inside of which, they will find the > session key. > > If they had captured network traffic, now that they have the > session key > which was used for encryption and decryption during the users logon > session, > surely they can read the captured data which was supposed to be > confidential?
The basic GSSAPI protocol doesn't do a DH exchange or any other sort of perfect forward secrecy protection, so yes, previously recorded data could be revealed if the attacker got the service key. Some protocols may use GSSAPI or Kerberos inside a stream protected by SSL/ TLS, though, and there's been discussion of adding some sort of PFS to Kerberos. It's also possible for an attacker with the service key to print up service tickets "proving" them to be anyone they want, including some user whose account is to be attacked, or even an administrator, so depending on the service, they may be able to look at other private data that wasn't recently sent over the wire, etc. Ken ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
