A Real-World Analysis of Kerberos Password Security, 1999
Cited by 49 (0 self)

Abstract
Kerberos is a distributed authentication system that many organizations use to handle domain-wide password security. Although it has been known for quite some time that Kerberos is vulnerable to brute-force password searches, there has so far been little analysis of the scope and extent of this vulnerability. This paper discusses the nature of this weakness in detail and attempts to quantify the severity of the danger it poses to existing Kerberized installations. The results of a controlled experiment, in which a large number of passwords from a Kerberos realm were broken off-line and subjected to analysis, will be presented. The author explores possible strategies for repairing this security hole, the most viable of which is the use of Kerberos V5 preauthentication coupled with a secure password authentication protocol such as SRP, SPEKE, or EKE.

1 Introduction
Kerberos [18], developed at MIT about ten years ago, was an authentication infrastructure designed to assure the security of ...
Compliance defects in public key cryptography
In Proceedings of the USENIX Technical Conference, 1996
Cited by 30 (0 self)

Abstract
Public-key cryptography has low infrastructural overhead because public-key users bear a substantial but hidden administrative burden. A public-key security system trusts its users to validate each others' public keys rigorously and to manage their own private keys securely. Both tasks are hard to do well, but public-key security systems lack a centralized infrastructure for enforcing users' discipline. A compliance defect in a cryptosystem is such a rule of operation that is both difficult to follow and unenforceable. This paper presents five compliance defects that are inherent in public-key cryptography; these defects make public-key cryptography more suitable for server-to-server security than for desktop applications.

