International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Provable-Security Analysis of Authenticated Encryption in Kerberos

Alexandra Boldyreva
Virendra Kumar
Search ePrint
Search Google
Abstract: Kerberos is a widely-deployed network authentication protocol that is being considered for standardization. Many works have analyzed its security, identifying flaws and often suggesting fixes, thus helping the protocol's evolution. Several recent results present successful formal-methods-based verification of a significant portion of the current version 5, and some even imply security in the computational setting. For these results to hold, encryption in Kerberos should satisfy strong cryptographic security notions. However, neither currently deployed as part of Kerberos encryption schemes nor their proposed revisions are known to provably satisfy such notions. We take a close look at Kerberos' encryption and confirm that most of the options in the current version provably provide privacy and authenticity, some with slight modification that we suggest. Our results complement the formal-methods-based analysis of Kerberos that justifies its current design.
  title={Provable-Security Analysis of Authenticated Encryption in Kerberos},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols /},
  note={A shortened version of this paper appears in 2007 IEEE Symposium on Security and Privacy Proceedings. 13678 received 14 Jun 2007},
  author={Alexandra Boldyreva and Virendra Kumar},