[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

How KDC ensure the security of the key in its dbase

To: heimdal-discuss@sics.se
Subject: How KDC ensure the security of the key in its dbase
From: Lara Adianto <m1r4cle_26@yahoo.com>
Date: Fri, 21 May 2004 05:06:18 -0700 (PDT)
Sender: owner-heimdal-discuss@sics.se

Hello,

As I traced the heimdal's code, I found out that the
principal's long term key is stored in the hdb_entry
structure without any encryption or any other means of
protection.

Is this safe enough ? If someone hacks the KDC, he
will straight away be able to get the key for each
principal from the database. Since the security of the
kerberos lies in the possession of the key, wouldn't
this be a threat since the hacker can try to intercept
any AS-REQ packet and then with the possession of the
key process the AS-REQ or TGS-REQ ?

Please correct me if I'm wrong.

Regards,
lara

=====
------------------------------------------------------------------------------------ 
La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
                                                                        - Guy de Maupassant -
------------------------------------------------------------------------------------


	
		
__________________________________
Do you Yahoo!?
Yahoo! Domains – Claim yours for only $14.70/year
http://smallbusiness.promotions.yahoo.com/offer

Follow-Ups:
- Re: How KDC ensure the security of the key in its dbase
  - From: joda@pdc.kth.se (Johan Danielsson)

Prev by Date: Re: Problem between versions 0.6-67 and 0.6-159 on SuSE
Next by Date: Re: How KDC ensure the security of the key in its dbase
Prev by thread: Re: Problem between versions 0.6-67 and 0.6-159 on SuSE
Next by thread: Re: How KDC ensure the security of the key in its dbase
Index(es):
- Date
- Thread