loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Ahmed Alazzawe ; Anis Alazzawe ; Asad Nawaz and Duminda Wijesekera

Affiliation: George Mason University, United States

Related Ontology Subjects/Areas/Topics: Enterprise Information Systems ; Formal Methods ; Information Systems Analysis and Specification ; Methodologies and Technologies ; Operational Research ; Security ; Simulation and Modeling

Abstract: Platforms, including Microsoft Windows 2000/2003 Servers, utilize Kerberos V for authentication services. Kerberos V introduced several improvements over its predecessor including a pre-authentication scheme that authenticates KDC bound requests prior to issuing tickets. Timestamps are incorporated within the pre-authentication scheme causing a weakness. The time needed to obtain a password is decreased by capturing and subsequently utilizing this timestamp. This paper examines the computational efficiency obtained by utilizing the timestamp in attacking Kerberos V pre-authentication data. We developed a program that would parse the pre-authentication data in an attempt to recover the client’s password. It uses a well-known cryptographic library and one embodiment thereof omits the last HMAC computation used in the verification process. Instead a timestamp is used to determine the success of the decryption process. Our findings indicate that utilizing the timestamp saves considerable processing time. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.17.79.60

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Alazzawe, A.; Alazzawe, A.; Nawaz, A. and Wijesekera, D. (2006). Analyzing Pre-authentication Timestamps To Crack Kerberos V Passwords. In Proceedings of the 4th International Workshop on Security in Information Systems (ICEIS 2006) - WOSIS; ISBN 978-972-8865-52-8, SciTePress, pages 267-277. DOI: 10.5220/0002502802670277

@conference{wosis06,
author={Ahmed Alazzawe. and Anis Alazzawe. and Asad Nawaz. and Duminda Wijesekera.},
title={Analyzing Pre-authentication Timestamps To Crack Kerberos V Passwords},
booktitle={Proceedings of the 4th International Workshop on Security in Information Systems (ICEIS 2006) - WOSIS},
year={2006},
pages={267-277},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002502802670277},
isbn={978-972-8865-52-8},
}

TY - CONF

JO - Proceedings of the 4th International Workshop on Security in Information Systems (ICEIS 2006) - WOSIS
TI - Analyzing Pre-authentication Timestamps To Crack Kerberos V Passwords
SN - 978-972-8865-52-8
AU - Alazzawe, A.
AU - Alazzawe, A.
AU - Nawaz, A.
AU - Wijesekera, D.
PY - 2006
SP - 267
EP - 277
DO - 10.5220/0002502802670277
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic