Limitations of the Kerberos authentication system

@article{Bellovin1990LimitationsOT,
  title={Limitations of the Kerberos authentication system},
  author={Steven M. Bellovin and Michael Merritt},
  journal={Comput. Commun. Rev.},
  year={1990},
  volume={20},
  pages={119-132}
}
The Kerberos authentication system, a part of MIT's Project Athena, has been adopted by other organizations. Despite Kerberos's many strengths, it has a number of limitations and some weaknesses. Some are due to specifics of the MIT environment; others represent deficiencies in the protocol design. We discuss a number of such problems, and present solutions to some of them. We also demonstrate how special-purpose cryptographic hardware may be needed in some cases. 
The Evolution of the Kerberos Authentication Service
TLDR
Some of the limitations of Version 4 of Kerberos are discussed and the solutions provided by Version 5 are presented. Expand
A Modified Kerberos Authentication Scheme Using Public Key Cryptography
TLDR
An improved scheme using the Public Key cryptography will be proposed to enhance Kerberos security strength to overcome a number of limitations and weaknesses. Expand
Unix Security & Kerberos
  • B. D. Decker
  • Computer Science
  • Computer Security and Industrial Cryptography
  • 1991
TLDR
Some security issues related to the UNIX operating system, which is today the de facto standard Operating System are discussed, and the introduction of the Kerberos authentication system which is also becoming a “standard” in open network environments. Expand
Security implications in Kerberos by the introduction of smart cards
TLDR
This paper shows that card-based public key Kerberos is flawed, in particular, access to a user's card enables an adversary to impersonate that user even after the adversary's access to the card is revoked. Expand
Addressing Kerberos 5 Security Issues
TLDR
The aim of this paper is to address Kerbero5 security issues and recommend feasible changes done to a protocol in order to improve the quality of Kerberos. Expand
The Perils of Unauthenticated Encryption: Kerberos Version 4
TLDR
An efficient chosen-plaintext attack is implemented that uses this design flaw to impersonate arbitrary principals and identify corrective measures taken in the proposed revisions of the Kerberos authentication protocol, which repair these flaws. Expand
A Real-World Analysis of Kerberos Password Security
TLDR
The author explores possible strategies for repairing this security hole, the most viable of which is the use of Kerberos V5 preauthentication coupled with a secure password authentication protocol such as SRP. Expand
An Authentication Protocol Based on Kerberos 5
TLDR
Some modiflcations to the widely deployed Kerberos authentication protocol are introduced, which will be independent of the user password to overcome the weak passwords chosen by the network principal that are susceptible to password guessing attacks. Expand
Plugging the holes in host-based authentication
  • J. Reid
  • Computer Science
  • Comput. Secur.
  • 1996
Many of the most popular computer and network authentication schemes commonly in use today are surprisingly weak. Some progress has been made in recent years, though stronger schemes have yet to beExpand
Formal Analysis of the Kerberos Authentication System
TLDR
Gurevich's Abstract State Machine formalism is used to specify the Kerberos Authentication System based on the Needham-Schroeder authentication protocol and is used as a basis both to discover the minimum assumptions to guarantee the correctness of the system and to analyse its security weaknesses. Expand
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 63 REFERENCES
Kerberos authentication and authorization system
This document describes the assumptions, short and long term goals, and system model for a network authentication system, named Kerberos, for the Athena environment. An appendix specifies theExpand
Protocol failures in cryptosystems
TLDR
The author surveys a collection of protocols in which the level of security or authentication required by the system is actually attained, not because of a failure of the cryptoalgorithm used, but rather because of shortcomings in the design of the protocol. Expand
Reducing risks from poorly chosen keys
TLDR
This paper shows alternatively how to construct an authentication protocol in which offline experimentation is impracticable; any attack based on experiment must involve the real authentication server and is thus open to detection by the server noticing multiple attempts. Expand
The UNIX system UNIX operating system security
TLDR
Some of the security hazards of the UNIX™ operating system are discussed, and ways to protect against them are suggested, in the hope that an educated community of users will lead to a level of protection that is stronger, but far more importantly, that represents a reasonable and thoughtful balance between security and ease of use of the system. Expand
Computation of Discrete Logarithms in Prime Fields
The presumed difficulty of compoting di~rete logarithms in finite fields is the basis of several popular public key cryptosystems. The secure identification option of the Sun Network File System, forExpand
New directions in cryptography
TLDR
This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing. Expand
An authentication service for open network systems
TLDR
The design aims to propose and study an API for integrating the authorization service into application programs, and to develop a better understanding of anonymous authorization and a formal understanding of authenticated delegation. Expand
Security Mechanisms in High-Level Network Protocols
TLDR
The implications of adding security mechanisms to high-level network protocols operating in an open-system environment are analyzed, and a brief description of the two basic approaches to communications security, link-oriented measures and end-to-end measures concludes that end- to- end measures are more appropriate in anopen- system environment. Expand
Computation of discrete logarithms in prime fields
TLDR
This paper describes an implementation of a discrete logarithm algorithm which shows that primes of under 200 bits, such as that in the Sun system, are very insecure. Expand
Protocols for Data Security
TLDR
The methods the authors will describe in this article require the participants to execute communications algorithms, called protocols, which must maintain the properties that Alice and Bob's protocol must maintain in order to guard against cheating by either side. Expand
...
1
2
3
4
5
...