Mailing List Archive

[Bug 975] Kerberos authentication timing can leak information about account validity
http://bugzilla.mindrot.org/show_bug.cgi?id=975

Summary: Kerberos authentication timing can leak information
about account validity
Product: Portable OpenSSH
Version: -current
Platform: All
URL: http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=110371328918329&w=2
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: dtucker@zip.com.au


There is apparently a difference in behaviour in the Kerberos code for existing
vs nonexistent users. See the thread in the URL.

To summarise the thread:

Senthil Kumar said:
> I tested [with the patch in bug #971 - dt] OpenSSH-3.9p1 with the following
> options in sshd configuration
>
> ChallengeResponseAuthentication no
> KerberosAuthentication yes
> passwordauthentication yes
>
> but it shows difference in time for the appearance of password prompts for
> both valid and invalid users. The code shows PAM-password Authentication is
> not attempted when KerberosAuthentication is enabled. So by disabling
> kerberosAuthentication there is no difference in time for the appearance of
> password prompts for both valid and invalid users (i.e. both cases have
> considerable amount of delay).

Later testing showed that the early return in auth-krb5.c when !authctxt->valid
is the cause of the difference.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

------- Additional Comments From senthilkumar_sen@hotpop.com 2005-01-20 22:20 -------
Created an attachment (id=778)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=778&action=view)
Patch for Kerberos timing difference for Valid and Invalid user

For PAM-Passwd Authentication with KerberosAuthentication being set to yes,
there exists a time difference for valid user and invalid user. The attached
patch fixes that. I am asked to move the authctxt->valid check to the out block in
auth-krb5.c in the mailing lists but I think it is not necessary.




dtucker@zip.com.au changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #778 is|0                           |1
           obsolete|                            |




------- Additional Comments From dtucker@zip.com.au 2005-01-27 18:24 -------
Created an attachment (id=790)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=790&action=view)
check authctxt->valid on return too

I think it's safer to check authctxt->valid anyway, e.g. in case the user
is listed in DenyUsers.
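
The two behaviours discussed in this bug, as an added C model that is not part of the thread and is not OpenSSH code: an early return when the user is invalid, versus always performing the slow Kerberos step and checking validity on return. The function names, the struct layout, the sample users and the round-trip counter (used in place of wall-clock timing) are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the auth context; only the "valid" flag matters. */
struct authctxt { const char *user; bool valid; };
typedef bool (*auth_fn)(const struct authctxt *, const char *);

/* Constructed sample users: known, nonexistent, and existing but denied. */
static const struct authctxt KNOWN   = { "alice", true };
static const struct authctxt UNKNOWN = { "nosuchuser", false };
static const struct authctxt DENIED  = { "alice", false }; /* e.g. DenyUsers */

static int kdc_round_trips; /* models the slow network exchange */

/* Constructed model of the KDC: one round trip per call. */
static bool kdc_verify(const char *user, const char *password)
{
    kdc_round_trips++;
    return strcmp(user, "alice") == 0 && strcmp(password, "correct-horse") == 0;
}

/* Before: returns before the slow step, so invalid users answer faster. */
bool krb5_password_leaky(const struct authctxt *a, const char *password)
{
    if (!a->valid)
        return false;
    return kdc_verify(a->user, password);
}

/* After: always pay the slow step, apply the validity check on return. */
bool krb5_password_uniform(const struct authctxt *a, const char *password)
{
    bool ok = kdc_verify(a->user, password);
    return ok && a->valid;
}

/* Number of KDC exchanges a single attempt costs with the given function. */
int round_trips_for(auth_fn fn, const struct authctxt *a, const char *password)
{
    kdc_round_trips = 0;
    (void)fn(a, password);
    return kdc_round_trips;
}

int main(void)
{
    printf("leaky:   valid=%d invalid=%d\n", round_trips_for(krb5_password_leaky, &KNOWN, "x"), round_trips_for(krb5_password_leaky, &UNKNOWN, "x"));
    printf("uniform: valid=%d invalid=%d\n", round_trips_for(krb5_password_uniform, &KNOWN, "x"), round_trips_for(krb5_password_uniform, &UNKNOWN, "x"));
    return 0;
}
```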



