bibliography: Formal analysis of Kerberos 5

19 May 2012

Text Size

"One often hears recommendations for key-sizes of public-key cryptosystems needed to obtain security for 30 years and even 50 years. Anyone wanting a real security of this magnitude should probably take the construction of the quantum computer into consideration."

ECRYPT, “D.PROVI.3 – First Summary Report on Unconditionally Secure Protocols”, January 2005

Read more...
"One should not assume that stakeholders do not care about their security merely because they do not understand the consequences of certain actions. The perception of risk can vary significantly from actual risk and, in the short term, convenience may lead some early adopters to make hazardous decisions."
SecurIST, “D3.3 – ICT Security & Dependability Research beyond 2010: Final Strategy”, January 2007
Read more...
"There is a good chance that large quantum computers can be built within the next 20 years. This would be a nightmare for IT security if there are no fully developed, implemented, and standardized post-quantum signature schemes."

Prof. Johannes Buchmann, et al, “Post-Quantum Signatures”, Oct 2004, Technische Universität Darmstadt

Read more...

Home

Authors:	Frederick Butler, Iliano Cervesato, Aaron D. Jaggard, Andre Scedrov, Christopher Walstad
Organisation:
Date:	November 2006
Keywords:	symmetric key exchange, symmetric authentication, Kerberos, federated system, cryptanalysis
Electronic Publication:	PDF on CITESEER
Abstract:	We report on the detailed verification of a substantial portion of the Kerberos 5 protocol specification. Because it targeted a deployed protocol rather than an academic abstraction, this multi-year effort led to the development of new analysis methods in order to manage the inherent complexity. This enabled proving that Kerberos supports the expected authentication and confidentiality properties, and that it is structurally sound; these results rely on a pair of intertwined inductions. Our work also detected a number of innocuous but nonetheless unexpected behaviors, and it clearly described how vulnerable the cross-realm authentication support of Kerberos is to the compromise of remote administrative domains.
Notes:	This paper may describe the most effective attacks against Kerberos as of 2008.
Citation:	Frederick Butler, Iliano Cervesato, Aaron D. Jaggard, Andre Scedrov, Christopher Walstad, “Formal analysis of Kerberos 5”, Theoretical Computer Science, v.367 n.1, p.57-87, 24 November 2006
Related work:

Last Updated on Sunday, 04 January 2009 11:04