
Re: KDC replay cache unnecessary?



On Thu, Mar 13, 2003 at 12:23:48PM -0800, Frank Cusack wrote:
> Applications that use encryption with the shared session key do not need
> a replay cache.

There is no requirement to use the shared session key.

> Therefore isn't the KDC replay cache unnecessary?

IIRC, there was a paper written that criticized MIT Krb4 because of a
number of limitations in its security model. I can't remember the
details offhand, but can look them up if you want.

One of the limitations described was that there is a 5 minute
window in which a replay attack could occur (it's been a long
time since I looked at this last, so the details are becoming
rusty).

The answer in Krb5 was to have a replay cache.

> This is an important question, because, AFAIK, multiple KDCs do not
> keep their replay caches in sync (referring to unix implementations only).
> If the replay cache is actually necessary, this is a major problem.

Good point.

Apparently replay caches only work if you only have one KDC per realm.
-- 
Brian May <bam@snoopy.apana.org.au>
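As an added illustration of the point made in this message (example code, not from the thread or from MIT Kerberos): a minimal replay cache with the 5 minute skew window, and two KDCs whose caches are not kept in sync, so the second KDC accepts an authenticator the first has already seen. Principal names, times and the `ReplayCache` API are constructed for the example.

```python
import hashlib
import time

CLOCK_SKEW = 300  # the 5 minute window referred to in the thread


class ReplayCache:
    """Constructed, minimal replay cache: remembers authenticators seen
    within the clock-skew window and rejects a second presentation."""

    def __init__(self, skew=CLOCK_SKEW):
        self.skew = skew
        self.seen = {}  # tag -> client timestamp of the accepted authenticator

    def _tag(self, client, server, ctime, cusec):
        return hashlib.sha256(f"{client}|{server}|{ctime}|{cusec}".encode()).hexdigest()

    def check(self, client, server, ctime, cusec, now=None):
        """Return 'skew' (timestamp outside the window, rejected without a cache),
        'replay' (already seen inside the window) or 'ok' (accepted and recorded)."""
        now = time.time() if now is None else now
        # Drop entries too old to match any authenticator the skew check still admits.
        for tag, ts in list(self.seen.items()):
            if now - ts > self.skew:
                del self.seen[tag]
        if abs(now - ctime) > self.skew:
            return "skew"
        tag = self._tag(client, server, ctime, cusec)
        if tag in self.seen:
            return "replay"
        self.seen[tag] = ctime
        return "ok"


def demo_two_kdcs():
    """Two KDCs, each with its own cache: a replay against the other KDC
    is not detected, which is the multi-KDC problem raised in the thread."""
    kdc_a, kdc_b = ReplayCache(), ReplayCache()
    now = 1_000_000.0  # constructed clock value
    auth = ("alice@EXAMPLE.COM", "krbtgt/EXAMPLE.COM@EXAMPLE.COM", now - 10, 123456)
    first = kdc_a.check(*auth, now=now)
    replay_same_kdc = kdc_a.check(*auth, now=now + 5)
    replay_other_kdc = kdc_b.check(*auth, now=now + 5)
    return first, replay_same_kdc, replay_other_kdc


if __name__ == "__main__":
    print(demo_two_kdcs())  # ('ok', 'replay', 'ok')
```

Outside the window the timestamp alone rejects the request, so the cache only has to remember authenticators for the length of the skew.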