Presentation is loading. Please wait.

Presentation is loading. Please wait.

Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.

Similar presentations


Presentation on theme: "Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian."— Presentation transcript:

1 Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian Computer Science Conference (ACSC '04 ), vol. 26, pp , 2004 Reporter: Chun-Ta Li ( 李俊達 )

2 2 Outline  Introduction  Kerberos  Kaman  Comments

3 3 Introduction  Ad hoc network Wireless connections to route both data and control packets within the network Trust relationship can be threatened by malicious nodes Security demands that all packets be authenticated before being used between nodes

4 4 Kerberos  Kerberos [Kohl and Neuman 1993] symmetric key based indirect authentication mechanism  Participants: Kerberos server and communication clients  Significant feature Prevention of node identity forgery Detection of replay attacks Establishment of secure channels Mutual endpoint authentication

5 5 Kaman  For ad hoc networks Participants: multiple Kerberos servers and clients Assumptions:  All users have a secret key or password known only to them  All servers know the hashed passwords of all the users  All servers share a secret key with each other server

6 6 Kaman (cont.)  Operation of Kaman S1S2 C1C2 1. Request for Tickets 2. Tickets 3. Tickets 4. Acknowledgement Repository Exchange

7 7 Kaman (cont.)  Initialization Format of the Kaman server repository

8 8 Kaman (cont.)  Notations

9 9 Kaman (cont.)  Authentication S1 C1C //

10 10 Kaman (cont.)  Key revocation S1 C

11 11 Kaman (cont.)  Replication of repository S1S2 1.

12 12 Comments  Denial of service attack S1 C plaintext S1 C plaintext Authentication Key revocation

13 13 Comments (cont.)  Improvement S1 C1 S1 C1 Authentication Key revocation 1. Options, ID C1, {Nonce}K C1 2. ID C1, {K C, Times, Nonce+1, ID C1 }K C1 1. Options, ID C1, ID C2, Times, {Nonce}K C1 2. ID C1, {Ticket C2, K C1,C2, Times, Nonce+1, ID C2 }K C1


Download ppt "Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian."

Similar presentations


Ads by Google