
Is Kerberos prone to Brute Force attack?

Hi, I have been to many discussion groups and was recently directed to you for this question. My question is: Is Kerberos prone to Brute Force attack?

I know this place is known for experts - so I am counting on you for the right answer.

Kerberos is vulnerable to Password guessing as it cannot detect a dictionary attack. So when we are talking about Kerberos, let me tell you some more weaknesses too:

  • It Provides Authentication, confidentiality and integrity, but not availability or non-repudiation (as it uses Symmetric Keys).
  • The KDC is a single Point of failure. If compromised, the integrity of the whole network is compromised.
  • Secret Keys are stored on User's Workstations. Even the session keys are stored on user's workstations in cache or key tables.

Hope this is what you were looking for. Let me know if you need any more information.

This was last published in September 2002
