Nikos Mavrogiannopoulos, A. Pashalidis, B. Preneel
{"title":"引入智能卡对Kerberos的安全影响","authors":"Nikos Mavrogiannopoulos, A. Pashalidis, B. Preneel","doi":"10.1145/2414456.2414490","DOIUrl":null,"url":null,"abstract":"Public key Kerberos (PKINIT) is a standardized authentication and key establishment protocol which is used by the Windows active directory subsystem. In this paper we show that card-based public key Kerberos is flawed. In particular, access to a user's card enables an adversary to impersonate that user even after the adversary's access to the card is revoked. The attack neither exploits physical properties of the card, nor extracts any of its secrets.","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2012-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Security implications in Kerberos by the introduction of smart cards\",\"authors\":\"Nikos Mavrogiannopoulos, A. Pashalidis, B. Preneel\",\"doi\":\"10.1145/2414456.2414490\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Public key Kerberos (PKINIT) is a standardized authentication and key establishment protocol which is used by the Windows active directory subsystem. In this paper we show that card-based public key Kerberos is flawed. In particular, access to a user's card enables an adversary to impersonate that user even after the adversary's access to the card is revoked. The attack neither exploits physical properties of the card, nor extracts any of its secrets.\",\"PeriodicalId\":72308,\"journal\":{\"name\":\"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-05-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2414456.2414490\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2414456.2414490","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Security implications in Kerberos by the introduction of smart cards
Public key Kerberos (PKINIT) is a standardized authentication and key establishment protocol which is used by the Windows active directory subsystem. In this paper we show that card-based public key Kerberos is flawed. In particular, access to a user's card enables an adversary to impersonate that user even after the adversary's access to the card is revoked. The attack neither exploits physical properties of the card, nor extracts any of its secrets.