Kerberos Replay attack - how it is detected in SSPI?
From: Aleksey Studnev (studnev@mobilae.ru)
Date: 01/13/03
- Next message: Khan: "Password Expiry"
- Previous message: Rami Yosef: "Cannot access to computers in windows 2000 domaim"
- In reply to: terry: "Kerberos Replay attack - how it is detected in SSPI?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Aleksey Studnev" <studnev@mobilae.ru> Date: Mon, 13 Jan 2003 02:14:26 -0800
Does somebody really know how Win Krb detects replays?
For MIT I have at least the source code and it is compliant
with the standard.
>-----Original Message-----
>this is very complex; here are some pages that can help.
>
>this is a good description of the issue (there are 14
>ppt slides)
>
>http://www.theorygroup.com/Theory/Talks/securify_kerberos/
>sld001.htm
>
>
>this page explains the legal stuff (it was in all the
>papers)
>
>http://www.thestandard.com/article/0,1902,14996,00.html?
>body_page=1
>
>
>and this is the answer to all your questions but you are
>going to have to know c-ish
>
>http://members.tripod.com/~kerbspec/
>
>i have nothing else to tell you.
>
>please read all the links because one without the others
>is useless
>
>the hole in kerberos standard still exists.
>
>please no direct emails. trt
>
>>-----Original Message-----
>>What exact optional field does MS use? Sequence number?
>>What happens if this field is missing from request?
>>
>>Anyway this needs to be noted when interoperating SSPI
>>and other Krb implementations, as it makes real
>>problems.
>>Tokens issued by SSPI are considered a replay by MIT.
>>
>>Regards,
>> Aleksey
>>
>>
>>>-----Original Message-----
>>>ms uses an option field in conjunction with the time.
>>>
>>>if the standard says optional and you use it does that
>>>mean you are breaking the standard? or is it just using
>>>the standard to create your system. in short using the
>>>options to make a working system. this is what all PKI
>>>systems do as well as other things that follow
>>>the "standard".
>>>
>>>ms also uses a field that is for future use as well.
>>>they made many people upset when they did this but it is
>>>in the standard in some shape or form.
>>>
>>>there was a lot of talk about this when win2k server came
>>>out.
>>>
>>>please no direct emails.
>>>
>>>trt
>>>
>>>>-----Original Message-----
>>>>One question to you, Windows security gurus:
>>>>how does SSPI detect a replay attack?
>>>>I have implemented interoperability between MIT Krb5
>>>>and SSPI and found an issue:
>>>>
>>>>When MIT makes the authenticator in a token it makes an artificial
>>>>randomization of the microseconds field by adding an incremental
>>>>value. That is because the _ftime() function returns
>>>>granular time with a quantum of 18 ms.
>>>>
>>>>On the server side MIT compares only security principals and
>>>>times as specified in the Krb standard.
>>>>
>>>>SSPI does not do this, so if you request 2 tokens for
>>>>one service and user they will appear with _identical_
>>>>times (including microsecond field).
>>>>
>>>>Nevertheless, SSPI does not detect a replay in this case,
>>>>but MIT does. MIT in this regard works according to the Krb
>>>>standard and SSPI does not.
>>>>But still, how does SSPI detect replay? If it uses other
>>>>authenticator fields it is wrong, because they all are
>>>>optional. Sequence number is optional as well...
>>>>any ideas?
>>>>
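The replay check the thread describes, as an added example that is not part of the original posts nor MIT or Microsoft code: an acceptor-side replay cache keyed on the principals plus (ctime, cusec), fed by a client whose clock has the 18 ms quantum mentioned above, with and without the MIT-style microsecond increment. The principal names, the skew window and the timestamps are constructed values.

```python
"""Replay-cache model (constructed illustration, not MIT or Microsoft code): the
acceptor keys on (client, server, ctime, cusec); the client clock has the thread's
18 ms granularity, with and without MIT-style cusec bumping."""
from dataclasses import dataclass

CLOCK_SKEW_S = 300      # acceptor's tolerated clock skew, assumed value
QUANTUM_US = 18_000     # _ftime()-style clock granularity: 18 ms

@dataclass(frozen=True)
class Authenticator:
    client: str         # client principal
    server: str         # service principal
    ctime: int          # client time, whole seconds
    cusec: int          # client time, microseconds part

class ReplayCache:
    """Remembers authenticators seen inside the skew window; identical tuple => replay."""
    def __init__(self, skew_s=CLOCK_SKEW_S):
        self._seen, self._skew_s = set(), skew_s
    def accept(self, auth, now_s):
        if abs(now_s - auth.ctime) > self._skew_s:
            return "skew"       # too old or too far ahead: rejected, but not a replay
        key = (auth.client, auth.server, auth.ctime, auth.cusec)
        if key in self._seen:
            return "replay"     # same principals and same timestamp as one already seen
        self._seen.add(key)
        return "ok"

class TokenMaker:
    """Builds authenticators from a coarse clock; optionally keeps cusec strictly increasing."""
    def __init__(self, client, uniquify):
        self.client, self.uniquify, self._last = client, uniquify, None
    def make(self, server, now_us):
        now_us -= now_us % QUANTUM_US           # coarse clock: truncate to the quantum
        stamp = divmod(now_us, 1_000_000)       # (ctime, cusec)
        if self.uniquify and self._last is not None and stamp <= self._last:
            ctime, cusec = self._last           # MIT-style: step past the last value used
            stamp = (ctime + 1, 0) if cusec == 999_999 else (ctime, cusec + 1)
        self._last = stamp
        return Authenticator(self.client, server, *stamp)

def simulate(uniquify):
    """Three requests to one service within 2 ms, i.e. inside a single 18 ms quantum."""
    cache, maker = ReplayCache(), TokenMaker("alice@EXAMPLE.COM", uniquify)
    base_us = 1_042_000_000 * 1_000_000         # constructed "now", microseconds since epoch
    base_us -= base_us % QUANTUM_US             # align to a quantum boundary
    return [cache.accept(maker.make("host/srv.example.com", base_us + d), base_us // 1_000_000)
            for d in (0, 1_000, 2_000)]
```

A client that does not make its timestamps unique has its second and third tokens refused as replays with no attacker involved, which is the interoperability failure reported in the thread; a genuinely re-sent authenticator is refused by the same cache whichever client produced it.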