We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Kerberos PKINIT: what, why, and how (to break it)

Formal Metadata

Title
Kerberos PKINIT: what, why, and how (to break it)
Title of Series
Number of Parts
542
Author
Contributors
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
The Kerberos PKINIT extension replaces password authentication with X.509 PKI. This bring some advantages but also new risks. This presentation explains and demonstrates how PKINIT works, and presents a novel attack against FreeIPA's PKINIT implementation. Kerberos is an authentication and single sign-on protocol based on symmetric cryptography. To avoid the drawbacks and risks of passwords, the PKINIT protocol extension enables clients to authenticate using public key cryptography and X.509 certificates. To further improve security, private keys can reside and signing/decrytion operations can be performed on hardware cryptographic tokens (smart card, PIV, TPM, etc). I will start the talk with a brief overview of the core Kerberos protocol. Next I will explain how the PKINIT extension works, and demonstrate how to set up and use PKINIT in a FreeIPA environment. (FreeIPA is a free software identity management system that includes MIT Kerberos and Dogtag PKI.) Finally I will discuss some of the risks that arise when using PKINIT, and security considerations for implementers and deployers. I will present and demonstrate a recently discovered PKINIT security flaw in some older (but still supported) versions of FreeIPA.