Security Implications in Kerberos by the Introduction of Smart Cards

Provided by: Association for Computing Machinery
Format: PDF
Public Key Kerberos (PKINIT) is a standardized authentication and key establishment protocol that is used by the Windows Active Directory subsystem. In this paper the authors show that card-based Public Key Kerberos is flawed. In particular, access to a user's card enables an adversary to impersonate that user even after the adversary's access to the card is revoked. The attack neither exploits physical properties of the card nor extracts any of its secrets. They propose protocol fixes and discuss properties that authentication and/or key establishment protocols should provide in order to be better equipped against the threats that arise from the use of smart cards.