Is Kerberos prone to Brute Force attack?
Hi, I have been to many discussion groups and was recently directed to you for this question. My question is -...
Continue Reading This Article
Enjoy this article as well as all of our content, including E-Guides, news, tips and more.
Is Kerberos prone to Brute Force attack?
I know this place is known for experts - so I am counting on you for the right answer.
Kerberos is vulnerable to Password guessing as it cannot detect a dictionary attack. So when we are talking about Kerberos, let me tell you some more weaknesses too:
- It Provides Authentication, confidentiality and integrity, but not availability or non-repudiation (as it uses Symmetric Keys).
- The KDC is a single Point of failure. If compromised, the integrity of the whole network is compromised.
- Secret Keys are stored on User's Workstations. Even the session keys are stored on user?s workstations in cache or key tables.
Hope this is what you were looking for. Let me know if you need any more information.
-Puneet