Breaking and Fixing Public-Key Kerberos

Cervesato, Iliano; Jaggard, Aaron D.; Scedrov, Andre; Tsay, Joe-Kai; Walstad, Christopher

doi:10.1007/978-3-540-77505-8_13

Cited by 16 publications

(12 citation statements)

References 33 publications

(36 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In 2008, Cervesato et al [16] pointed out that manin-the-middle attack could break down the Kerberosbased systems.…”

Section: Kerberos-based Information Systemmentioning

confidence: 99%

Dynamic Keys Based Sensitive Information System

Srinivasan

2008

2008 the 9th International Conference for Young Computer Scientists

View full text Add to dashboard Cite

Protecting sensitive information systems from security threats such as unauthorised access, information eavesdropping and information interfering, is significant. Most of the natural approaches employ strong authentication or cryptography systems to protect critical data. But those approaches do not stress on the potential amount of risks associated with sensitive information, especially the vulnerability from compromising of long term cryptographic keys and the lack of fine gained access control. Therefore, in this paper, a dynamic key theory based secure sensitive information system is proposed, which integrates dynamic keys with raw data to protect sensitive information; and the system also uses the keys to secure communication and enhance access control. A formal analysis is provided to verify the security of the proposed work. It shows that the proposed system guarantees critical information data security and access control flexibility. In addition, by using two sets of dynamic keys, fraud detection and prevention is achieved in the proposed system.

show abstract

“…In 2008, Cervesato et al [16] pointed out that manin-the-middle attack could break down the Kerberosbased systems.…”

Section: Kerberos-based Information Systemmentioning

confidence: 99%

Dynamic Keys Based Sensitive Information System

Srinivasan

2008

2008 the 9th International Conference for Young Computer Scientists

View full text Add to dashboard Cite

show abstract

“…The adversary they consider is typically a Dolev-Yao-style adversary [16], i.e., is assumed to control the entire network. The PKINIT protocol, including its Diffie-Hellman variant, has already been proven secure under that adversary model [2,8,12,23].…”

Section: Related Workmentioning

confidence: 99%

“…Kerberos is an authentication and key distribution protocol originally proposed in 1988, and has a long history of attacks and updates (see, for example, [2,12] and the references therein). Its main goal is to establish fresh session keys between users and servers and, as a result, enable users to log into multiple servers that belong to a common infrastructure.…”

Section: Overview Of the Dh Variant Of Pkinitmentioning

confidence: 99%

Toward a secure Kerberos key exchange with smart cards

Mavrogiannopoulos

Pashalidis

Preneel

2013

Int. J. Inf. Secur.

View full text Add to dashboard Cite

Public key Kerberos (PKINIT) is a standard authentication and key establishment protocol. Unfortunately, it suffers from a security flaw when combined with smart cards. In particular, temporary access to a user's card enables an adversary to impersonate that user for an indefinite period of time, even after the adversary's access to the card is revoked. In this paper, we extend Shoup's key exchange security model to the smart card setting, and examine PKINIT in this model. Using this formalization, we show that PKINIT is indeed flawed, propose a fix, and provide a proof that this fix leads to a secure protocol.

show abstract

“…This man-in-the-middle attack is the staple example for protocol verification; it is well known in the formal methods research community, and many tools can discover it. Still, for instance, Cervesato et al (2008) recently discovered that the IETF issued a public-key variant of Kerberos, shipped by multiple vendors, with essentially the same design flaw. -As an example of a cryptographic flaw, consider the padding-oracle attacks on unauthenticated ciphertexts, discovered by Bleichenbacher (1998) and Vaudenay (2002).…”

Section: Verifying Protocol Implementationsmentioning

confidence: 99%

Cryptographic Verification by Typing for a Sample Protocol Implementation

Fournet

Bhargavan

Gordon

2011

Foundations of Security Analysis and Design VI

View full text Add to dashboard Cite

International audienceType systems are effective tools for verifying the security of cryptographic protocols and implementations. They provide automation, modularity and scalability, and have been applied to large protocols. In this tutorial, we illustrate the use of types for verifying authenticity properties, first using a symbolic model of cryptography, then relying on a concrete computational assumption.(1) We introduce refinement types (that is, types carrying formulas to record invariants) for programs written in F# and verified by F7, an SMT-based type checker.(2) We describe a sample authenticated RPC protocol, we implement it in F#, and we specify its security against active adversaries.(3) We develop a sample symbolic library, we present its main cryptographic invariants, and we show that our RPC implementation is perfectly secure when linked to this symbolic library.(4) We implement the same library using concrete cryptographic primitives, we make a standard computational assumption, and we show that our RPC implementation is also secure with overwhelming probability when linked to this concrete library

show abstract

Breaking and Fixing Public-Key Kerberos

Cited by 16 publications

References 33 publications

Dynamic Keys Based Sensitive Information System

Dynamic Keys Based Sensitive Information System

Toward a secure Kerberos key exchange with smart cards

Cryptographic Verification by Typing for a Sample Protocol Implementation

Contact Info

Product

Resources

About