Check out the new USENIX Web site.

Kerberos Security With Clocks Adrift

Don Davis
Daniel E. Geer, Sc.D.


I used to be Snow White, but I drifted.
- Mae West
We show that the Kerberos Authentication System can relax its requirement for synchronized clocks, with only a minor change which is consistent with the current protocol. Synchronization has been an important limitation of Kerberos; it imposes political costs and technical ones. Further, Kerberos' reliance on synchronization obstructs the secure initialization of clocks at bootstrap. Perhaps most important, this synchronization requirement limits Kerberos' utility in contexts where connectivity is often intermittent. Such environments are becoming more important as mobile computing becomes more common. Mobile hosts are particularly refractory to security measures, but our proposal gracefully extends Kerberos even to mobile users, making it easier to secure the rest of a network that includes mobile hosts. An advantage of our proposal is that we would not change the Kerberos protocol per se; a special type of preauthentication exchange can convey just enough replay protection to authenticate the initial ticket and its timestamp to an unsynchronized client, without adding process-state to the system's servers.

Download the full text of this paper in ASCII (28,853 bytes),
POSTSCRIPT (160,675 bytes),
and PDF (189,837 bytes) form.

To Become a USENIX Member, please see our Membership Information.