{"title":"错误的信任:Kerberos 4会话密钥","authors":"Bryn Dole, S. Lodin, E. Spafford","doi":"10.1109/NDSS.1997.579221","DOIUrl":null,"url":null,"abstract":"One of the commonly accepted principles of software design for security is that making the source code openly available leads to better security. The presumption is that the open publication of source code will lead others to review the code for errors, however this openness is no guarantee of correctness. One of the most widely published and used pieces of security software in recent memory is the MIT implementation of the Kerberos authentication protocol. In the design of the protocol, random session keys are the basis for establishing the authenticity of service requests. Because of the way that the Kerberos Version 4 implementation selected its random keys, the secret keys could easily be guessed in a matter of seconds. This paper discusses the difficulty of generating good random numbers, the mistakes that were made in implementing Kerberos Version 4, and the breakdown of software engineering that allowed this flaw to remain unfixed for ten years. We discuss this as a particularly notable example of the need to examine security-critical code carefully, even when it is made publicly available.","PeriodicalId":224439,"journal":{"name":"Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security","volume":"704 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1997-02-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"21","resultStr":"{\"title\":\"Misplaced trust: Kerberos 4 session keys\",\"authors\":\"Bryn Dole, S. Lodin, E. Spafford\",\"doi\":\"10.1109/NDSS.1997.579221\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"One of the commonly accepted principles of software design for security is that making the source code openly available leads to better security. The presumption is that the open publication of source code will lead others to review the code for errors, however this openness is no guarantee of correctness. One of the most widely published and used pieces of security software in recent memory is the MIT implementation of the Kerberos authentication protocol. In the design of the protocol, random session keys are the basis for establishing the authenticity of service requests. Because of the way that the Kerberos Version 4 implementation selected its random keys, the secret keys could easily be guessed in a matter of seconds. This paper discusses the difficulty of generating good random numbers, the mistakes that were made in implementing Kerberos Version 4, and the breakdown of software engineering that allowed this flaw to remain unfixed for ten years. We discuss this as a particularly notable example of the need to examine security-critical code carefully, even when it is made publicly available.\",\"PeriodicalId\":224439,\"journal\":{\"name\":\"Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security\",\"volume\":\"704 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1997-02-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"21\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NDSS.1997.579221\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NDSS.1997.579221","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 21
摘要
一个被普遍接受的软件安全性设计原则是,开放源代码可以带来更好的安全性。假设源代码的公开发布将导致其他人审查代码中的错误,但是这种开放性并不能保证代码的正确性。最近发布和使用最广泛的安全软件之一是Kerberos身份验证协议的MIT实现。在协议设计中,随机会话密钥是建立服务请求真实性的基础。由于Kerberos Version 4实现选择其随机密钥的方式,可以很容易地在几秒钟内猜出秘密密钥。本文讨论了生成好的随机数的困难,在实现Kerberos Version 4时所犯的错误,以及软件工程的崩溃导致这个缺陷十年都没有得到修复。我们将此作为需要仔细检查安全关键代码的一个特别值得注意的示例来讨论,即使它是公开可用的。
One of the commonly accepted principles of software design for security is that making the source code openly available leads to better security. The presumption is that the open publication of source code will lead others to review the code for errors, however this openness is no guarantee of correctness. One of the most widely published and used pieces of security software in recent memory is the MIT implementation of the Kerberos authentication protocol. In the design of the protocol, random session keys are the basis for establishing the authenticity of service requests. Because of the way that the Kerberos Version 4 implementation selected its random keys, the secret keys could easily be guessed in a matter of seconds. This paper discusses the difficulty of generating good random numbers, the mistakes that were made in implementing Kerberos Version 4, and the breakdown of software engineering that allowed this flaw to remain unfixed for ten years. We discuss this as a particularly notable example of the need to examine security-critical code carefully, even when it is made publicly available.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
