Abstract:
One of the commonly-accepted principles of software design for security is that making the source code openly available leads to better security. The presumption is that the open publication of source code will lead others to review the code for errors. However, this openness is no guarantee of correctness. One of the most widely-published and used pieces of security software in recent memory is the MIT implementation of the Kerberos authentication protocol. In the design of the protocol, random session keys are the basis for establishing the authenticity of service requests. Because of the way that the Kerberos Version 4 implementation selected its random keys, the secret keys could easily be guessed in a matter of seconds. This paper discusses the difficulty of generating good random numbers, the mistakes that were made in implementing Kerberos Version 4, and the breakdown of software engineering that allowed this flaw to remain unfixed for ten years. We discuss this as a particularl...
Citations
|
725
|
Using encryption for authentication in large networks of computers
– Needham, Schroeder
- 1978
|
|
567
|
Applied Cryptography: Protocols, Algorithms, and Source Code
– SCHNEIER
- 1996
|
|
539
|
An Authentication Service for Open Network Systems
– Steiner, Neuman, et al.
- 1988
|
|
418
|
Cryptography and Data Security
– Denning
- 1982
|
|
387
|
The protection of information in computer systems
– Saltzer, Schroeder
- 1975
|
|
287
|
Kerberos: An Authentication Service for Computer Networks
– Neuman, Ts’o
- 1994
|
|
114
|
The kerberos network authentication service (v5
– Kohl, Neuman
- 1993
|
|
98
|
Limitations of the Kerberos authentication system
– Bellovin, Meritt
- 1990
|
|
75
|
Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security” in www.counterpane. com/keylength.html
– Blaze, Diffie, et al.
- 1996
|
|
38
|
Requirements for Network Payment: The Netcheque Perspective
– Neuman, Medvinsky
- 1995
|
|
37
|
Randomness and the Netscape Browser
– Goldberg, Wagner
- 1996
|
|
19
|
The Art of Computer Programming, Vol II: Seminumerical Algorithms, 3rd edition
– Knuth
- 1998
|
|
11
|
Randomness recommendations for security,” Request for Comments 1750, Internet Engineering Task Force
– Eastlake, Crocker, et al.
- 1994
|
|
9
|
JavaOS: A Standalone Java Environment
– Madany
- 1996
|
|
5
|
The Java Platform
– Kramer
- 1996
|
|
2
|
random key(). http://www.mit.edu: 8008/menelaus.mit.edu/kerberos/487
– Anderson
- 1988
|
|
2
|
The Mythical Man-Month, chapter Why Did the Tower of Babel Fail? Addison-Wesley, Menlo Park, CA, anniversary edition edition
– Jr
- 1995
|
|
2
|
Netscape security (problems). http:// hplyot.obspm.fr/˜dl/netscapesec
– Demailly
- 1995
|
|
2
|
MIT-MAGIC-COOKIE-1 random number generator problems. E-mail correspondence
– Hall
- 1996
|
|
2
|
Security Bulletin: HPSBUX9602030. http://us.external.hp.com/search
– Hewlett-Packard
- 1996
|
|
2
|
Sesame security issues. E-mail correspondence
– Lebastard
- 1996
|
|
2
|
mit-magic-cookie-1 random number weakness. E-mail correspondence to the Best-of-Security mailing list
– X11
- 1995
|
|
1
|
Social processes and the proofs of theorems and programs
– Perlis
- 1979
|
|
1
|
Re: Integrity of MIT source
– Ts'o
- 1991
|
