Path: utzoo!attcan!uunet!snorkelwacker!apple!bionet!agate!shelby!ctt.bellcore.com!lunt
From: lunt@ctt.bellcore.com (Steve Lunt)
Newsgroups: comp.protocols.kerberos
Subject: Re: Why is initial user authentication done the way it is?
Message-ID: <9006151340.AA28772@dduck.ctt.bellcore.com>
Date: 15 Jun 90 13:40:23 GMT
Sender: daemon@shelby.Stanford.EDU
Organization: The Internet
Lines: 33

I would add to this list below (arguably most important) that under Unix,
/etc/passwd is protected by the Unix access control mechanism, so that Unix
may enforce password screening, whereas the Kerberos database is protected
by a mechanism which doesn't allow it to know by what password its keys are
based.

-- Steve

Steven J. Lunt                 | lunt@ctt.bellcore.com   | RRC 1L-213
Computer Security Technology   |-------------------------| 444 Hoes Lane
Bellcore                       | (201) 699-4244          | Piscataway, NJ 08854

From: "Jonathan I. Kamens"

First of all, let me reiterate why I still think this is a problem. In the
description below, "Unix" is short for the traditional Unix authentication
system:

1. Under Unix, you have to have an account on a properly configured machine
   in order to get a hold of the passwd file. Under Kerberos, anyone on the
   Internet can request an encrypted sample of anyone to bang on it.

2. Under Unix, every possible password must be encrypted using every
   possible seed in order to match against strings in the passwd file.
   Under Kerberos, this isn't necessary -- just run string_to_key over all
   of your possible passwords and they can immediately be used for
   decryption attempts.

3. The crypt() function under Unix is meant to be slow. Kerberos'
   decryption of the tgt is faster, significantly. Furthermore, it's
   straight DES, so anyone who is serious about cracking passwords can use
   all of the available DES hardware to do his cracking.

In summary, it's easier to get a hold of encrypted Kerberos data to play
with than it is to get a hold of /etc/passwd data, and playing with it is
faster.
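The following is an added cost model, not part of the original thread and not code from either poster, illustrating points 2 and 3 of the quoted list: a per-user salt forces one key derivation per (user, guess) pair, while a salt-free single-pass derivation lets one table of derived keys be reused against every principal, and a deliberately slow derivation multiplies the cost of each of those derivations. Everything in it is constructed: the account table and guess list are toy data, and the SHA-256 stand-ins for crypt(3), string_to_key and the encrypted sample are assumptions chosen so the script runs offline, not the real algorithms.

```python
"""Cost model for offline password guessing against two verifier designs.

Stand-ins (assumed, not the real algorithms):
  salted_slow_verifier   ~ crypt(3): per-user salt, iterated hash
  saltless_fast_key      ~ Kerberos v4 string_to_key: one pass, no salt
  encrypted_sample       ~ a ticket encrypted under the user's key
"""
import hashlib
import os

# Constructed toy accounts (not real credentials); two users share a password on purpose.
USERS = {"alice": "secret12", "bob": "letmein", "carol": "secret12"}
# Constructed guess list.
CANDIDATES = ["password", "letmein", "secret12", "qwerty", "hunter2"]
SLOW_ROUNDS = 1000  # stand-in for the deliberate slowness of crypt(3)


def salted_slow_verifier(password: str, salt: bytes) -> bytes:
    """Per-user salt plus an iterated hash: each user needs a fresh derivation per guess."""
    digest = salt + password.encode()
    for _ in range(SLOW_ROUNDS):
        digest = hashlib.sha256(digest).digest()
    return digest


def saltless_fast_key(password: str) -> bytes:
    """One pass, no salt: equal passwords yield equal keys for every principal."""
    return hashlib.sha256(password.encode()).digest()


def encrypted_sample(key: bytes) -> bytes:
    """Stand-in for data encrypted under the key; the offline check is 'does this key reproduce it?'"""
    return hashlib.sha256(key + b"constructed-sample").digest()


def build_unix_records(users):
    records = {}
    for user, password in users.items():
        salt = os.urandom(8)  # random per-user salt, as in a traditional passwd file
        records[user] = (salt, salted_slow_verifier(password, salt))
    return records


def build_kerberos_samples(users):
    return {user: encrypted_sample(saltless_fast_key(pw)) for user, pw in users.items()}


def guess_against_unix(records, candidates):
    """Returns (recovered, derivations, derivation_rounds). Every pair costs a full derivation."""
    derivations = 0
    recovered = {}
    for user, (salt, verifier) in records.items():
        for cand in candidates:
            derivations += 1
            if salted_slow_verifier(cand, salt) == verifier:
                recovered.setdefault(user, cand)
    return recovered, derivations, derivations * SLOW_ROUNDS


def guess_against_kerberos(samples, candidates):
    """Returns (recovered, derivations, derivation_rounds). Keys are derived once and reused."""
    table = {cand: saltless_fast_key(cand) for cand in candidates}
    derivations = len(table)
    recovered = {}
    for user, sample in samples.items():
        for cand, key in table.items():
            if encrypted_sample(key) == sample:  # cheap check, no new derivation
                recovered.setdefault(user, cand)
    return recovered, derivations, derivations * 1


def compare(users=USERS, candidates=CANDIDATES):
    """Runs both models on the same toy data so the work figures can be set side by side."""
    return {
        "unix": guess_against_unix(build_unix_records(users), candidates),
        "kerberos": guess_against_kerberos(build_kerberos_samples(users), candidates),
    }


if __name__ == "__main__":
    for scheme, (recovered, derivations, rounds) in compare().items():
        print(f"{scheme:8s} recovered={recovered} derivations={derivations} rounds={rounds}")
```

With three users and five guesses, the salted scheme needs 15 derivations of 1000 rounds each (15000 hash operations) and the salt-free scheme needs 5 single-round derivations; the gap widens linearly with the number of principals, which is the point the quoted list makes.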