期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

对Kerberos协议的攻击及对策研究 被引量:15

Study of the Attacks on Kerberos Protocol and Countermeasures
下载PDF
导出
摘要 Kerberos协议是当今最重要的实用认证协议,但是它也存在着一些局限性和缺陷,文章主要分析了Kerberos协议的两种最重要的攻击:口令攻击和重放攻击,以Windows2000环境下对Kerberos协议进行的攻击为例进行了具体分析。并且把对Kerberos的各种改进方案作了一个全面的分析和总结,把各种方法作了一个对比,找出各种方法的优缺点,这将对以后Kerberos协议更完美的改进起参考作用。 Kerberos protocol is the most important authentication protocol nowadays, nevertheless it has some limitations and flaws. This paper focuses on a detailed analysis of the two most important kinds of attacks: password attack and replay attack, with the example attacks in the environment of Windows 2000. It also presents an all-around analysis and a summary of the various improved countermeasures as well as a comparison of them, which by showing the advantages and disadvantages of each countermeasure will serve as a reference for the future perfection of the Kerberos protocol.
作者 莫燕 张玉清 李学干
机构地区 西安电子科技大学计算机学院 中国科学院研究生院国家计算机网络入侵防范中心
出处 《计算机工程》 EI CAS CSCD 北大核心 2005年第10期66-68,F003,共4页 Computer Engineering
基金 国家自然科学基金资助项目(60102004 60273027 60025205)
关键词 KERBEROS 口令攻击 重放攻击 Kerberos Password attack Replay attack
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献10

  • 1秦小龙,杨义先.USB密码钥及其在Kerberos系统中的应用[J].计算机工程与应用,2002,38(5):12-14. 被引量:6
  • 2Steiner J G, Neuman B C, Schiller J I. Kerberos: An Authentication Service for Open Network Systems. USENIX Conference Proceedings, 1988-02:191-202
  • 3Bellovin S M, Merritt M. Limitations of the Kerberos Protocol [C].Winter 1991, USENIX Conference Proceedings, USENIX Asociation, 1991: 253-267
  • 4Kasslin K, Tikkanen A.Password Attack on Kerberos V and Windows2000.http ://www. hut.fi/~autikkan/kerberos/docs/phasel/pdf/LATEST_password_attack.pd f, 2003-05-09
  • 5Kasslin K, Tikkanen A. Replay Attack on Kerberos V and SMB.http://www.hut.fi/~autikkan/kerberos/docs/phasel/pdf/LAT EST_replay_attack.pdf,2003-03-16
  • 6Kasslin K, Tikkanen A. Attacks on Kerberos V in a Windows2000 Environment. http://www. hut.fi/~autikkan/kerberos/docs/phasel/pdf/LATEST_final_report.pdf,2003- 07-10
  • 7Sirbu M A, Chuang J. Distributed Authentication in Kerberos Using Public Key Cryptography[A]. Symposium on Network and Distributed System Security (NDSS'97) [C]. San Diego, California,1997
  • 8Yaksha G R. Augmenting Kerberos with the Public Key Cryptography [C]. Proceedings of the Internet Society Symposiumon Networkand Distributed System Security. IEEE Computer Society Press, 1995: 132-143
  • 9刘克龙,卿斯汉,蒙杨.一种利用公钥体制改进Kerberos协议的方法[J].软件学报,2001,12(6):872-877. 被引量:34
  • 10Gaskell. G I. Integrating Smart Cards into Kerberos . http:∥citeseer.nj.nec.com/cache/papers/cs/23304/http:zSzzSzwww. users.bigpond.comzSzg.gaskellzSzthesis.pdf/integrating-smart-cards-into.pdf,2002-02

二级参考文献12

  • 1[1]ANSI X9.52 Triple Data Encryption Alorithm Modes of Operation[S].American Bankers Association,1998
  • 2[2]NIST's AES web site.http://www.nist.gov/aes.
  • 3[3]G Keating. Performance analysis of AES candidates on the 6805 CPU core[C].In:Proceedings of the Second Advanced Encryption Standard Candidate Conference, 1999
  • 4[4]1SO/IEC 9797,Information technology-Security techniques-Message Authentication Codes(MACs),Part l:Mechanisms using a block cipher 1999,Part 2:Mechanisms using a hash function[S].2000
  • 5[5]S M Bellovin,M Merritt. Limitations of the Kerberos authenticationsystem[C].ln:Proceedings of the Winter 1991 Usenicx Coference, 1991
  • 6[6]Peter Gutmann. Data Remanence in Semiconductor Devices[C].In:Proceedings of lOth Usenix Security Symposium,2001
  • 7[7]A J Menezes,P C van Oorschot,S A Vanstone. Handbook of Applied Cryptography[M].CRC Press,Boca Raton,1997
  • 8[8]Jan Axelson. USB Complete. Lakeview Research,1999
  • 9[9]Motorola Inc.Technical Data-MC68HC908JBS-Rev, I.O[M].2000
  • 10[10]National Institute of Standards and Technology. SECURITY REQUI-REMENTS FOR CRYPTOGRAPHIC MODULES[S].FIPS PUB 140-1,1994

共引文献38

同被引文献121

引证文献15

二级引证文献49

计算机工程
2005年 第10期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部