Kerberos V4
- From: "charliemason" <charliemx@xxxxxxxxxx>
- Date: Mon, 26 Mar 2007 20:35:36 +1000
In Kerberos V4 The KDC database isn't encrypted as a whole. Instead each
user's master key is independently encrypted with the KDC master key.
If replication was done with a standard download (instead of the
cryptographic integrity check which is performed). How could a bad guy who
is a principal registered with a KDC impersonate Alice, another principal
registered with that KDC? What is it that the cryptographic check is
preventing the bad guy from doing?
I would have thought that modifying details in the database would just
corrupt it?
.
- Follow-Ups:
- Re: Kerberos V4
- From: David Wagner
- Re: Kerberos V4
- From: David Wagner
- Re: Kerberos V4
- Prev by Date: Re: Beginner Question:Gnupg Decryption
- Next by Date: Re: Kerberos V4
- Previous by thread: Beginner Question:Gnupg Decryption
- Next by thread: Re: Kerberos V4
- Index(es):
