On Wed, Apr 2, 2014 at 1:10 AM, Chris Hecker <[email protected]> wrote:
> I hope this won't turn into a giant thread, I'm just looking for some
> succinct facts and/or links to thoughtful discussion, I'm not interested
> in a bunch of opinions or a flame war or anything like that, and I don't
> think that'd be appropriate for this list or help anybody. But here goes:
>
> Has there been a technical writeup of potential backdoor risks in
> Kerberos, similar to the stuff that keeps coming out about various RSA
> products:
>
> http://www.reuters.com/article/2014/03/31/us-usa-security-nsa-rsa-idUSBREA2U0TY20140331

Kerberos doesn't have large-enough nonces for a Dual_EC-style attack.
Kerberos isn't used on a large enough scale to be worth backdooring.
Any backdoor is likely to be found only in implementations, not the
protocol on account of backdooring protocols being a difficult and
risky task.

Nico
--
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
