A Kerberos security hole?

http://www.cis.upenn.edu/group/securitysem/

Breaking and Fixing Public-Key Kerberos

Andre Scedrov

We report on a man-in-the-middle attack on PKINIT, the public key extension of the widely deployed Kerberos 5 authentication protocol. This flaw allows an attacker to impersonate Kerberos administrative principals (KDC) and end-servers to a client, hence breaching the authentication guarantees of Kerberos. The flaw also gives the attacker the keys that the KDC would normally generate to encrypt the service requests of this client, hence defeating confidentiality as well. The discovery of this attack caused the IETF to change the specification of PKINIT and caused Microsoft to release a security update for some Windows operating systems. We discovered this attack as part of an ongoing formal analysis of the Kerberos protocol suite, and we have formally verified several fixes to PKINIT that prevent our attack. This is joint work with I. Cervesato, A.D. Jaggard, J.-K. Tsay, and C. Walstad.

(Emphasis mine)

Is this something recent? Which one is it, I wonder. (I write, without even looking it up.)

Addendum: This is from more than a year ago!

http://www.microsoft.com/japan/technet/security/Bulletin/MS05-042.mspx