Talk:Kerberos (protocol)

From Wikipedia, the free encyclopedia

Kerberos 4 vs. Kerberos 5

According to The Moron's Guide to Kerberos, in Kerberos 5 the final step of authenticating the service to the client does not increment the timestamp. It says:

It used to be the case (in version 4 of Kerberos) that the service would instead add 1 to the timestamp value, and return it, encrypted in the session key. That has been changed in version 5 of Kerberos.

I do not know Kerberos well enough to know whether Wikipedia is right or the Guide (I presume this page wants to be right for Kerberos 5, but I do not think that is stated anywhere).

The guide is right. Kerberos 5 simply sends back a message copying the time from the client to the server. The message is of a different form and an attacker cannot transform one message into another. See RFC 4120 section 5.5.2.
--SamHartman 16:56, 16 September 2007 (UTC)

Seeing no disagreement so far, I plan to try and refocus the article on Kerberos 5. I'll try and add a differences from Kerberos 4 section. --SamHartman 14:16, 23 September 2007 (UTC)

Kerberized NFS

The article claims that NFSv4 supports Kerberos (true), but Solaris has supported Kerberized NFS even with the earlier versions of the protocol.

Frodo Looijaard (20051103)

Note too that as of Mac OS X 10.5, Apple are providing Kerberized NFSv3 support, both in OS X Server as a server, and in OS X client as a client.

Anonymous Coward. —Preceding unsigned comment added by 24.6.229.110 (talk) 02:27, 9 December 2007 (UTC)

"US DoJ finding" on Microsoft breaking Kerberos

The external link in the article to US DOJ finding that Microsoft purposefully breaks Kerberos interoperability seems to be a submission to the court by Novell, not a finding by the US DoJ. If the DoJ did conclude the same thing as Novell's submission, the external link should point to an article that directly says so, otherwise the link should probably be removed (or at least more appropriately titled). OTOH I might have misinterpreted the contents of the document. I didn't read all of it. —midg3t 04:51, 16 June 2006 (UTC)

Current versions of Microsoft Kerberos including those in the latest service packs for Windows 2000, 2003, XP and Vista pass interoperability tests against MIT Kerberos and Heimdal. I'd really like to remove the word variant from the article when describing Microsoft Kerberos but I may have a bit of a COI here so I'd like to ask before doing so.
--SamHartman 16:56, 16 September 2007 (UTC)
I'll go ahead with removing the word variant and will also try and clean up the discussion of the DOJ situation. Review appreciated.
--SamHartman 14:16, 23 September 2007 (UTC)

"Protocol" and "operation" mismatch

Currently, the article looks inconsistent because the protocol messages (in "The protocol") don't match up with the operation (given in "Kerberos operation"). Things diverge in step 4 of the operation, where two messages are sent back. Only one message is sent in the protocol. Perhaps someone could fix this? 82.36.100.133 12 Aug 2006

The BAN Logic seems quite broken. As best I can tell it is close to Kerberos 4 but it is even wrong for that. I recommend we remove the protocol section's BAN Logic and then update the remaining text to be consistent with Kerberos 5. I recommend we explicitly mention we're describing Kerberos 5.
--SamHartman 16:56, 16 September 2007 (UTC)

I'm going to implement removing the BAN logic. The more I think about it the more I'm unhappy with it. Getting something like a formal description of a protocol right is very tricky and is something that should be peer reviewed by professionals in the field. So, it should not be original wikipedia work. It also happens to be clearly wrong for both versions of Kerberos. SamHartman 14:16, 23 September 2007 (UTC)

Move to Kerberos (protocol)?

I think that the article should be moved to Kerberos (protocol) because it would be more consistent with Wikipedia naming conventions. Note that the topic is identified as only "Kerberos" both generally and in the title restatement. Thoughts? ENeville 17:02, 20 October 2006 (UTC)

Agreed. -- intgr 22:55, 17 January 2007 (UTC)

Missing info.

I recommend that in the article there should be a paragraph on comparison of Kerberos and RADIUS protocols. —The preceding unsigned comment was added by 195.70.32.136 (talk) 13:07, 2 January 2007 (UTC).

Why?
--SamHartman 16:56, 16 September 2007 (UTC)

Found these paragraphs really funny

There is a version of Kerberos called Bones, which is exactly like Kerberos, except that Bones doesn't encrypt any of the messages. So what is it good for? The U.S. restricts export of cryptography; if it's sufficiently advanced, it qualifies as munitions, in fact. At one time, it was extraordinarily difficult to get crypto software out of the U.S. On the other hand, there is a wide variety of legitimate software that is exported (or created outside the U.S. altogether), and expects Kerberos to be there. Such software can be shipped with Bones instead of Kerberos, tricking them into thinking that Kerberos is there.

Doug Rickard wrote to explain how Bones got its name. In 1988, he was working at MIT, with the Project Athena group. He was trying to get permission from the State Department to export Kerberos to Bond University in Australia. The State Department wouldn't allow it--not with DES included. To get it out of the country, they had to not only remove all calls to DES routines, but all comments and textual references to them as well, so that (superficially, at least) it was non-trivial to determine where the calls were originally placed.

To strip out all the DES calls and garbage, John Kohl wrote a program called piranha. At one of their progress meetings, Doug jokingly said, "And we are left with nothing but the Bones." For lack of a better term, he then used the word "Bones" and "boned" in the meeting minutes to distinguish between the DES and non-DES versions of Kerberos. "It somehow stuck," he says, "and I have been ashamed of it ever since."

Back at Bond University, Errol Young then put encryption back into Bones, thus creating Encrypted Bones, or E-Bones.

It's from the Moron's Guide to Kerberos —The preceding unsigned comment was added by Wk muriithi (talkcontribs) 06:45, 13 January 2007 (UTC).

Replay attack on described protocol?

I'm new to Kerberos, but the described protocol seems vulnerable to a replay attack: if an intruder I records message 3 and resends it soon, B detects it as host A. The problem is that A doesn't authenticate to B. This should be done with something such as:

4: $B \rightarrow A: \{T_A + 1\}_{K_{AB}}, N_B$

5: $A \rightarrow B: \{N_B + 1\}_{K_{AB}}$ —The preceding unsigned comment was added by 213.140.6.116 (talk) 00:28, 8 April 2007 (UTC).
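As an added illustration of two points raised on this page (the Kerberos 5 vs. 4 thread above, where the AP-REP copies the client's time instead of returning T_A + 1, and the replay concern about message 3 in this thread), here is a toy model written for this talk page; it is not code from MIT Kerberos, Heimdal or any other implementation. It assumes an HMAC-based seal()/unseal() stand-in for {msg}_K (integrity only, no secrecy) and a server-side replay cache keyed on (client, ctime, cusec) within a clock-skew window, which is what RFC 4120 section 3.2.3 requires of an application server.

```python
import hashlib
import hmac
import json

SKEW = 300  # clock-skew window in seconds; RFC 4120 suggests five minutes

def seal(key: bytes, msg: dict) -> bytes:
    """Toy stand-in for {msg}_K: JSON body plus an HMAC tag (integrity only)."""
    body = json.dumps(msg, sort_keys=True).encode()
    return body + b"|" + hmac.new(key, body, hashlib.sha256).hexdigest().encode()

def unseal(key: bytes, blob: bytes) -> dict:
    body, _, tag = blob.rpartition(b"|")
    want = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, want):
        raise ValueError("bad tag")
    return json.loads(body)

class Service:  # server side (B): validates message 3, answers with a v5-style AP-REP
    def __init__(self, key: bytes):
        self.key = key
        self.replay_cache = set()  # (client, ctime, cusec) seen inside the skew window

    def handle_ap_req(self, msg3: bytes, now: int) -> bytes:
        auth = unseal(self.key, msg3)
        if auth["type"] != "AUTHENTICATOR":
            raise ValueError("wrong message form")  # an AP-REP cannot pose as message 3
        if abs(now - auth["ctime"]) > SKEW:
            raise ValueError("timestamp outside skew window")
        seen = (auth["client"], auth["ctime"], auth["cusec"])
        if seen in self.replay_cache:
            raise ValueError("replayed authenticator")
        self.replay_cache.add(seen)
        # v5: echo the client's time unchanged in a differently typed message (v4 returned T_A + 1, same form)
        return seal(self.key, {"type": "AP-REP", "ctime": auth["ctime"], "cusec": auth["cusec"]})

def run_exchange() -> dict:
    k_ab = b"constructed-session-key"  # constructed sample K_AB, not a real key
    b = Service(k_ab)
    msg3 = seal(k_ab, {"type": "AUTHENTICATOR", "client": "A", "ctime": 1000, "cusec": 7})
    msg4 = b.handle_ap_req(msg3, now=1003)
    rep = unseal(k_ab, msg4)
    out = {"mutual_auth": rep["type"] == "AP-REP" and (rep["ctime"], rep["cusec"]) == (1000, 7)}
    for name, blob in (("replayed_msg3", msg3), ("msg4_as_msg3", msg4)):
        try:
            b.handle_ap_req(blob, now=1010)
            out[name] = "accepted"
        except ValueError as err:
            out[name] = str(err)
    return out
```

run_exchange() shows the honest exchange authenticating B to A, a replayed message 3 being refused by the cache, and message 4 being refused as message 3 because its form differs.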

Missing Software?

Should not Microsoft Office SharePoint Server 2007 be added to the list of software that supports Kerberos authentication? —Preceding unsigned comment added by 81.144.188.98 (talk) 15:21, 15 November 2007 (UTC)

Kerberos Pronunciation

I don't know the IPA but could someone add something about how to pronounce this? It's something like Kerb-er-ross 202.160.118.227 05:02, 2 December 2007 (UTC)