On Tue, 2002-04-30 at 22:56, Bob Tanner wrote:
> Having an internal discussion at Real Time about kerberos.
[snip]
> Anyways, with openssh, ssl, generic TLS stuff. Is kerberos necessary still?
> 
> Some people here are arguing that kerberos is "old" technology and not necessary.
> Others argue about security issues in kerberos. Still others argue that kerberos
> is the only way to support things like secure/token cards.

The main disadvantage that I saw when I took a look at Kerberos (never
implemented it anywhere, so maybe my view of the situation is poor) is
that it required the hosts that used it to be trusted.  Kerberos clients
and servers use encryption to keep their communications away from prying
eyes, but they use a shared secret key, rather than a public/private
keypair like what you see in SSL applications[1].

Using a shared secret key limits the places you can implement Kerberos.
You can't have all of your users going around with their laptops.  Or,
maybe you can, but everyone has to have the same secret key.  This is
similar to the problem with WEP encryption and public networks.  It's
essentially useless since everyone knows what the key is.

Additionally, I seem to remember that Kerberos only worries about
authentication.  Things like telnet sessions aren't actually encrypted,
IIRC.  Even without authentication information, there's a lot of stuff
an attacker could get to if they could only sniff the network.  I can't
remember if that's true, though.

Kerberos, from all I've heard, is still a good system.  Unfortunately,
the areas where it can be deployed are limited, and there have to be
ways for untrusted systems to talk to each other without having others
eavesdrop on them.

SSH can be set up to act very similarly to a kerberos installation, from
what I understand, using ssh-agent and public/private identity files.
You can ssh-add an identity, enter your password, and then connect to a
server cluster.  If the public part of your identity is properly
installed on the server cluster and agent forwarding is enabled, you can
ssh around without having to enter your password again.  Of course, this
only works with SSH (as far as I know), so kerberos still probably wins
out since so many services have been kerberized.

I guess I'd say that it's the beginning of the end for kerberos, but I'm
sure it'll be around for a long time.

[1] Actually, from what I recall, SSL only uses public/private keypairs
at the beginning of a session.  Because public key encryption is so
CPU-intensive, they just generate a temporary shared secret key, and use
that for the rest of the session.

-- 
 _  _  _  _ _  ___    _ _  _  ___ _ _  __   I took a course in speed
/ \/ \(_)| ' // ._\  / - \(_)/ ./| ' /(__   waiting. Now I can wait an
\_||_/|_||_|_\\___/  \_-_/|_|\__\|_|_\ __)  hour in only ten minutes.
[ Mike Hicks | http://umn.edu/~hick0088/ | mailto:hick0088 at tc.umn.edu ]