Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!ucbvax!agate!shelby!ATHENA.MIT.EDU!jtkohl
From: jtkohl@ATHENA.MIT.EDU (John T Kohl)
Newsgroups: comp.protocols.kerberos
Subject: Distinguishing "users" and "services"
Message-ID: <8905081836.AA05625@LYCUS.MIT.EDU>
Date: 8 May 89 18:36:39 GMT
Sender: daemon@shelby.Stanford.EDU
Organization: The Internet
Lines: 26

Several times in the last year I've been discussing Kerberos and the phrase "well, if we distinguished between services and users, we could ..." popped up. (This idea recently resurfaced in conversations with Jeff Schiller and L. Gong.)

I propose allocating a flag bit in the KDC database to indicate that the indicated principal is not allowed to provide direct service, i.e. the TGS will reject any requests to issue a ticket which the principal can decrypt. This bit, when turned on, means essentially "this is a user".

This differentiation between users and services can help plug known-plaintext attacks against a user's private key, by preventing an attacker from obtaining a ticket with a large amount of known plaintext encrypted in the private key of the principal under attack. Combined with some other proposals to modify the response to the initial ticket request, this could reduce a principal's private key exposure to encryption of essentially random data. [And with the use of some public key cryptography for initial ticket requests, even that could be eliminated.]

It might be desirable to allow any principal to remotely change its own bit (assuming it is properly authenticated to the KDC).

Comments?

John Kohl
Digital Equipment Corporation/Project Athena
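A toy model of the proposed check, added here as an illustration and not code from the post or from any Kerberos implementation: a KDC database entry carries the "is a user" bit, the TGS refuses to seal a ticket in the key of any principal whose bit is set, and a principal may flip only its own bit once authenticated. The principal names, the hash-based stand-in for ticket encryption, and the status strings are constructed for the example.

```python
import hashlib
import os
from dataclasses import dataclass


@dataclass
class Principal:
    key: bytes
    is_user: bool  # proposed KDC flag: "may not provide direct service"


def toy_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in for sealing a ticket in a principal's key: XOR with a
    hash-derived keystream under a fresh nonce (illustrative only)."""
    nonce = os.urandom(8)
    stream = hashlib.shake_256(key + nonce).digest(len(plaintext))
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))


def tgs_issue(db: dict, client: str, target: str):
    """Ticket-granting request: return (ticket, status).
    The ticket would be encrypted in the target's key, so a target
    flagged as a user is refused before any ciphertext is produced."""
    entry = db.get(target)
    if entry is None:
        return None, "unknown principal"
    if entry.is_user:
        return None, "refused: target is a user, not a service"
    body = f"client={client};service={target}".encode()
    return toy_encrypt(entry.key, body), "ok"


def set_user_bit(db: dict, principal: str, authenticated_as: str, value: bool) -> bool:
    """Remote change of the bit: allowed only for the principal itself,
    acting under its own authenticated identity."""
    if principal not in db or authenticated_as != principal:
        return False
    db[principal].is_user = value
    return True


def build_db() -> dict:
    # Constructed sample database: one user, one service; keys are random.
    return {
        "alice@EXAMPLE.ORG": Principal(os.urandom(16), is_user=True),
        "rcmd.host1@EXAMPLE.ORG": Principal(os.urandom(16), is_user=False),
    }
```

With the bit set, a request naming alice as the service yields no ciphertext under alice's key at all; clearing it requires alice herself to ask.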