Alternate document:   Details   Limitations of the Kerberos Authentication System (91) Steven M. Bellovin, Michael Merritt

See this document in CiteSeerX!

Limitations of the Kerberos Protocol (1991)  (Make Corrections)  (1 citation)
S.M. Bellovin, M. Merritt
USENIX Conference Proceedings



  Home/Search   Context   Related

 
View or download:
stanford.edu/~mgba...krblimitations.ps
stanford.edu/~manku...90kerberos.ps.gz
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  stanford.edu/~mgbaker/classes/... (more)
(Enter author homepages)

Rate this article: (best)
View Comments (0)
(Enter summary)

Abstract: The Kerberos authentication system, a part of MIT's Project Athena, has been adopted by other organizations. Despite Kerberos's many strengths, it has a number of limitations and some weaknesses. Some are due to specifics of the MIT environment; others represent failures in the protocol design. We discuss a number of such problems, and present solutions to some of them. We also demonstrate how special-purpose cryptographic hardware may be needed in some cases. 1. INTRODUCTION The Kerberos... (Update)

Context of citations to this paper:   More

.... DCE Kerberos passwo rd based authen tication weaknesses (though cross cell surrogate secret keys still remain in the registry) See [BelMer] Note that only PK login (PK authentication of user to KDS) is supported in DCE 1.2 not full end to end PK authentication of...

Cited by:   More
Challenges Concerning Public-Key in DCE - Tuvell   (Correct)

Similar documents (at the sentence level):
75.3%:   Limitations of the Kerberos Authentication System - Bellovin, Merritt (1991)   (Correct)

Active bibliography (related documents):   More   All
0.2:   There Be Dragons - Bellovin (1992)   (Correct)
0.2:   The Great Disconnection? - Michael Schwartz   (Correct)
0.2:   Encrypted Key Exchange: Password-Based Protocols Secure.. - Bellovin, Merritt (1992)   (Correct)

Similar documents based on text:   More   All
0.6:   Heimdal and Windows 2000 Kerberos - how to get them to.. - Westerlund, Danielsson (2001)   (Correct)
0.5:   An Authentication Service for Open Network Systems - Steiner, Neuman, Schiller (1988)   (Correct)
0.5:   The Kerberos Network Authentication Service - Kohl, Neuman (1991)   (Correct)

BibTeX entry:   (Update)

S. Bellovin, M. Merritt, "Limitations of the Kerberos Protocol" Winter 1991 USENIX Conference Proceedings. http://citeseer.ist.psu.edu/bellovin91limitations.html   More

@inproceedings{ bellovin91limitations,
    author = "Steven M. Bellovin and Michael Merritt",
    title = "Limitations of the {K}erberos Authentication System",
    booktitle = "{USENIX} Conference Proceedings",
    month = "Winter",
    publisher = "USENIX",
    address = "Dallas, TX",
    pages = "253--267",
    year = "1991",
    url = "citeseer.ist.psu.edu/bellovin91limitations.html" }
Citations (may not include all citations):
640   Transmission Control Protocol (context) - Postel - 1981
635   New Directions in Cryptography - Diffie, Hellman - 1976
317   Kerberos: An Authentication Service for Open Network Systems - Steiner, Neuman et al. - 1988
304   User Datagram Protocol - Postel - 1980
136   The Kerberos Network Authentication Service - Kohl, Neuman et al. - 1989
54   Network Time Protocol (context) - Mills - 1989
54   Network Time Protocol (context) - Mills - 1988
47   Protocol Failures in Cryptosystems (context) - Moore - 1988
44   Reducing Risks from Poorly Chosen Keys - Lomas, Gong et al. - 1989
40   Computation of Discrete Logarithms in Prime Fields - LaMacchia, Odlyzko
27   UNIX Operating System Security (context) - Grampp, Morris - 1984
25   Codebreakers: The Story of Secret Writing (context) - Kahn - 1967
19   Time Protocol (context) - Postel, Harrenstien - 1983
15   Cipher Systems (context) - Beker, Piper - 1982
13   UNIX Password Security (context) - Morris, Thompson - 1979
13   Protocols for Data Security (context) - DeMillo, Merritt - 1983
10   Machine Cryptography and Modern Cryptanalysis (context) - Deavours, Kruh - 1985
9   Workstation Services and Kerberos Authentication at Project .. (context) - Davis, Swick - 1989
4   Stalking the Wiley Hacker (context) - Stoll - 1988

Documents on the same site (http://mosquitonet.stanford.edu/~mgbaker/classes/cs244b-s95/):
The Evolution of the Kerberos Authentication Service - Kohl, Neuman, Ts'o (1991)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC