Presentation is loading. Please wait.

Presentation is loading. Please wait.

CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz."— Presentation transcript:

1 CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz

2 Otway-Rees  A  B: N C, K A (N A, N C, Alice, Bob)  B  KDC: K A (…), K B (N B, N C, Alice, Bob) –KDC checks that N C is the same…  KDC  B: N C, K A (N A, K AB ), K B (N B, K AB )  B  A: K A (…)  A  B: K AB (timestamp) –Note: KDC already authenticated Bob

3 Analysis?  N C should be unpredictable, not just a nonce –Otherwise, can impersonate B to KDC Send first message: (next N C ), “garbage” B forwards to KDC along with encryption of the next N C Next time A initiates a conversation, replay previous message from B  Still uses encryption for authentication…  –Serious attack if ECB is used Replace K AB with N C

4 Kerberos  (May discuss in more detail later)  A  KDC: N 1, Alice, Bob  KDC  A: K A (N 1, Bob, K AB, ticket), where ticket = K B (K AB, Alice, expiration time)  A  B: ticket, K AB (time)  B  A: K AB (time+1)

5 Certificate authorities and PKI

Download ppt "CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz."

Similar presentations

COEN 350 Kerberos.

COEN 350 Kerberos.
CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
Lecture 10: Mediated Authentication

Lecture 10: Mediated Authentication
Chapter 10 Real world security protocols

Chapter 10 Real world security protocols
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.
CSC 474 Information Systems Security

CSC 474 Information Systems Security
Handshake Protocols COEN 350. Simple Protocol Alice: Hi, I am Alice. My password is “fiddlesticks”. Bob: Welcome, Alice.

Handshake Protocols COEN 350. Simple Protocol Alice: Hi, I am Alice. My password is “fiddlesticks”. Bob: Welcome, Alice.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.

1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.
CS470, A.SelcukNeedham-Schroeder1 Needham-Schroeder Protocol Authentication & Key Establishment CS 470 Introduction to Applied Cryptography Instructor:

CS470, A.SelcukNeedham-Schroeder1 Needham-Schroeder Protocol Authentication & Key Establishment CS 470 Introduction to Applied Cryptography Instructor:
Luu Anh Tuan. Security protocol Intruder Intruder behaviors Overhead and intercept any messages being passed in the system Decrypt messages that are.

Luu Anh Tuan. Security protocol Intruder Intruder behaviors Overhead and intercept any messages being passed in the system Decrypt messages that are.
COEN 350 Kerberos. Provide authentication for a user that works on a workstation. Uses secret key technology Because public key technology still had patent.

COEN 350 Kerberos. Provide authentication for a user that works on a workstation. Uses secret key technology Because public key technology still had patent.
CMSC 414 Computer (and Network) Security Lecture 26 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 26 Jonathan Katz.
Computer Security Key Management. Introduction We distinguish between a session key and a interchange key ( long term key ). The session key is associated.

Computer Security Key Management. Introduction We distinguish between a session key and a interchange key ( long term key ). The session key is associated.
Computer Security Key Management

Computer Security Key Management

Similar presentations

Ads by Google