Security Protocols

Lesson Introduction
●Authentication protocols
●Key exchange protocols
●Kerberos

Why Security Protocols
●Alice and Bob want to communicate securely over the Internet; to do so they need to:
  ●(Mutually) authenticate
  ●Establish and exchange keys
  ●Agree on cryptographic operations and algorithms
●Building blocks: public-key (asymmetric) and secret-key (symmetric) algorithms, hash functions

Mutual Authentication: Shared Secret

Mutual Authentication: Shared Secret
●R1 and R2 should not be easily repeatable or predictable
●Otherwise an adversary, Trudy, can record and replay a challenge and/or response to impersonate Alice or Bob
●Use large random values
●K_AB needs to be protected at Alice and Bob (the end points of the communication)

Mutual Authentication Quiz
Mark T for True or F for False:
●The challenge values used in an authentication protocol can be repeatedly used in multiple sessions
●The authentication messages can be captured and replayed by an adversary
●Authentication can be one-way, e.g., only authenticating Alice to Bob

Mutual Authentication: Simplified

Mutual Authentication: Reflection Attack

Mutual Authentication: Reflection Attack
●Fixes:
  ●Different keys for initiator and responder: Trudy can't get Bob to encrypt using Alice's key

Mutual Authentication: Reflection Attack
  ●Different types of challenges for initiator and responder, e.g., even numbers for the initiator and odd numbers for the responder
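The shared-secret challenge-response handshake from the slides above, with both reflection-attack fixes applied, as an added Python example (not code from the lecture): fix 1 derives a separate key for each direction from the master key K_AB, fix 2 makes initiators issue even challenges and responders odd ones, and a small replay cache covers the earlier point that challenges must not repeat. The key-derivation labels, the 128-bit challenge size, the HMAC response function standing in for "encrypt the challenge under K_AB", and the Party class are the example's own assumptions.

```python
import hashlib
import hmac
import secrets

CHALLENGE_BYTES = 16  # 128-bit random challenges (assumption: size chosen for this example)


def direction_key(master: bytes, role: str) -> bytes:
    """Fix 1: derive a distinct key per direction from the shared master key K_AB."""
    return hmac.new(master, b"direction/" + role.encode(), hashlib.sha256).digest()


def response(key: bytes, challenge: int) -> bytes:
    """Keyed response to a challenge; stands in for encrypting the challenge under the key."""
    return hmac.new(key, challenge.to_bytes(CHALLENGE_BYTES, "big"), hashlib.sha256).digest()


class Party:
    """One side of the handshake. Fix 2: initiators issue even challenges and answer only
    odd ones; responders issue odd challenges and answer only even ones."""

    def __init__(self, name: str, master: bytes, initiator: bool):
        self.name = name
        self.initiator = initiator
        mine, theirs = ("initiator", "responder") if initiator else ("responder", "initiator")
        self.answer_key = direction_key(master, mine)    # key I answer with
        self.verify_key = direction_key(master, theirs)  # key the peer must answer with
        self.answered = set()  # challenges already answered: refuse replays

    def new_challenge(self) -> int:
        r = secrets.randbits(8 * CHALLENGE_BYTES)  # large random value, not predictable
        return (r & ~1) if self.initiator else (r | 1)

    def answer(self, challenge: int) -> bytes:
        wanted_parity = 1 if self.initiator else 0
        if challenge & 1 != wanted_parity:
            raise ValueError(f"{self.name}: refusing challenge with my own parity (reflection attempt)")
        if challenge in self.answered:
            raise ValueError(f"{self.name}: refusing challenge seen before (replay attempt)")
        self.answered.add(challenge)
        return response(self.answer_key, challenge)

    def verify(self, challenge: int, resp: bytes) -> bool:
        return hmac.compare_digest(response(self.verify_key, challenge), resp)


def mutual_auth(alice: Party, bob: Party) -> bool:
    """Alice -> Bob: R2 ; Bob -> Alice: R1, f(K, R2) ; Alice -> Bob: f(K, R1)."""
    r2 = alice.new_challenge()
    r1 = bob.new_challenge()
    if not alice.verify(r2, bob.answer(r2)):
        return False
    return bob.verify(r1, alice.answer(r1))


def reflection_attempt(bob: Party) -> str:
    """Trudy, posing as the initiator, opens a second session and sends Bob his own
    challenge R1 back, hoping he answers it for her. Returns Bob's reason for refusing."""
    r1 = bob.new_challenge()  # R1 from the first session (odd)
    try:
        bob.answer(r1)        # second session: R1 reflected as Trudy's challenge
    except ValueError as exc:
        return str(exc)
    return ""


def replay_attempt(bob: Party) -> str:
    """The same (even) challenge presented twice: the second one is refused."""
    r2 = 0x1234 << 1  # constructed even challenge, as an initiator would send
    bob.answer(r2)
    try:
        bob.answer(r2)
    except ValueError as exc:
        return str(exc)
    return ""


def wrong_direction_fails(master: bytes) -> bool:
    """Fix 1 alone: even if Bob were tricked into answering R1, his responder-key answer
    does not verify as an initiator's answer to R1."""
    bob = Party("Bob", master, initiator=False)
    r1 = bob.new_challenge()
    forged = response(bob.answer_key, r1)
    return not bob.verify(r1, forged)


def demo() -> bool:
    master = secrets.token_bytes(32)  # constructed shared secret K_AB
    return mutual_auth(Party("Alice", master, initiator=True), Party("Bob", master, initiator=False))
```

Either fix on its own defeats the reflection; the example layers both so a reader can see which check fires first (the parity check, before any cryptography runs). The replay cache is per party and unbounded here; a real implementation would scope it to a time window.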

Mutual Authentication: Public Keys
●Variant: sign instead of encrypt

Attack Quiz
Mark T for True or F for False:
●A reflection attack is a form of man-in-the-middle attack
●To defeat a reflection attack, we can use an odd number as the challenge from the initiator and an even number from the responder
●We can use signing with public keys to achieve mutual authentication

Session Keys
●Authentication first
●A new key is used for each session
●Using a shared (master) secret
  ●Encrypt the new key
●Using public keys

Session Keys
●Establish a shared key for the session, even if there is already a shared secret key
●Typically a long-term secret key is called a master key, possibly derived from a password
●The master key is used to authenticate and to establish a new session key

Session Keys
●Alice → Bob: E(PR_A, E(PU_B, K))
●Diffie-Hellman with signing, i.e.,
  ●Alice → Bob: E(PR_A, Y_A)
  ●Bob → Alice: E(PR_B, Y_B)
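The signed Diffie-Hellman exchange above, as an added Python example (not the lecture's code): each side signs its public value Y with its long-term private key, and the receiver verifies that signature under the peer's public key before deriving the session key from Y, so a substituted Y fails verification. To stay within the standard library it uses a textbook Schnorr-style signature over the same multiplicative group as the key exchange. The modulus 2^521 - 1 (a Mersenne prime, chosen only so that exponents can be reduced mod p-1), the generator, the role labels bound into the signed message and the SHA-256 key-derivation step are all assumptions of this example, not values the slides specify, and the modulus is a demonstration value rather than a vetted Diffie-Hellman group.

```python
import hashlib
import secrets

# Demo group: P is prime, so Fermat's theorem lets us reduce exponents modulo P - 1.
# Assumption: illustration modulus only; production code uses a vetted group or ECDH.
P = 2 ** 521 - 1
G = 3
EXP_MOD = P - 1
NBYTES = (P.bit_length() + 7) // 8


def i2b(n: int) -> bytes:
    return n.to_bytes(NBYTES, "big")


def h(*parts: bytes) -> int:
    """Length-prefixed SHA-256 of the parts, as an integer (the Schnorr challenge)."""
    d = hashlib.sha256()
    for part in parts:
        d.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(d.digest(), "big")


def keygen():
    """Long-term signing key pair: private x, public y = g^x mod p."""
    x = secrets.randbelow(EXP_MOD - 2) + 2
    return x, pow(G, x, P)


def sign(x: int, msg: bytes):
    """Schnorr-style signature (e, s): e = H(g^k || msg), s = k - x*e mod (p-1)."""
    k = secrets.randbelow(EXP_MOD - 2) + 2
    e = h(i2b(pow(G, k, P)), msg)
    return e, (k - x * e) % EXP_MOD


def verify(y: int, msg: bytes, sig) -> bool:
    e, s = sig
    r = pow(G, s, P) * pow(y, e, P) % P  # g^(k - x*e) * g^(x*e) = g^k
    return h(i2b(r), msg) == e


def dh_offer(signing_key: int, role: bytes):
    """One side's message: fresh DH value Y = g^a plus a signature over (role, Y)."""
    a = secrets.randbelow(EXP_MOD - 2) + 2
    y_dh = pow(G, a, P)
    return a, y_dh, sign(signing_key, role + b"|" + i2b(y_dh))


def dh_accept(peer_pub: int, peer_role: bytes, y_peer: int, sig, my_exp: int) -> bytes:
    """Check the peer's signed DH value before deriving the session key from it."""
    if not 1 < y_peer < P - 1:
        raise ValueError("DH value out of range")
    if not verify(peer_pub, peer_role + b"|" + i2b(y_peer), sig):
        raise ValueError("signature on DH value does not verify; refusing (man-in-the-middle?)")
    return hashlib.sha256(b"session|" + i2b(pow(y_peer, my_exp, P))).digest()


def signed_dh() -> bool:
    """Alice -> Bob: E(PR_A, Y_A); Bob -> Alice: E(PR_B, Y_B); both derive the same key."""
    xa, pub_a = keygen()
    xb, pub_b = keygen()
    a, ya, sig_a = dh_offer(xa, b"Alice")
    b, yb, sig_b = dh_offer(xb, b"Bob")
    k_bob = dh_accept(pub_a, b"Alice", ya, sig_a, b)
    k_alice = dh_accept(pub_b, b"Bob", yb, sig_b, a)
    return k_alice == k_bob


def substituted_value_rejected() -> bool:
    """An active attacker who swaps Y_A for her own Y_T cannot produce Alice's signature on it."""
    xa, pub_a = keygen()
    xb, _ = keygen()
    _, _, sig_a = dh_offer(xa, b"Alice")          # Alice's genuine signature over Y_A
    y_t = pow(G, secrets.randbelow(EXP_MOD - 2) + 2, P)  # attacker's substituted value
    try:
        dh_accept(pub_a, b"Alice", y_t, sig_a, xb)
    except ValueError:
        return True
    return False
```

The signature covers the sender's role label as well as Y, so a signed value captured from one side cannot be replayed in the other direction; binding the intended peer's identity into the signed message as well is the usual next hardening step.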

Key Distribution Center (KDC)
●Shared master keys do not scale easily
●Each communicating pair needs to share a master key

Key Distribution Center (KDC)
K_A, K_B are master keys shared with the KDC; K_S is a session key

Exchanging Public Key Certificates

Session Key Quiz
Mark T for True or F for False:
●A session key should be secret and unique to the session
●Authentication should be accomplished before key exchange
●A key benefit of using a KDC is scalability
●In order for Bob to verify Alice's public key, the certificate authority must be on-line
●Signing the message exchanges in Diffie-Hellman eliminates the man-in-the-middle attack

Kerberos
●Authentication and access control in a network environment
●Every principal has a master (secret) key
  ●A human user's master key is derived from a password
  ●Other resources must have their keys configured in
●All principals' master keys are stored in the KDC database, protected/encrypted

Kerberos

Kerberos
Benefits:
●The local host does not need to store passwords
●The master key that the user shares with the KDC is only used once every day; this limits exposure of the master key

Accessing the Printer
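An added Python sketch (not the lecture's code, and not MIT Kerberos) tying together the KDC slide, the Kerberos slides and the printer access just shown: an AS exchange returns a per-day key S_A and a ticket-granting ticket sealed under Alice's password-derived master key (the only message ever protected by that key, and the local host never stores the password); a TGS exchange checks the TGT and the authenticator and issues a printer ticket carrying a fresh session key K_AB; the printer then decrypts the ticket with its own configured key and checks ticket expiry, the authenticator's timestamp and a replay cache. The toy seal/unseal authenticated encryption, the key names, the lifetimes and the clock-skew window are this example's assumptions.

```python
import hashlib
import hmac
import json
import secrets

SKEW = 300             # seconds of clock skew tolerated in an authenticator (assumption)
TGT_LIFETIME = 86400   # per-day key and TGT
TICKET_LIFETIME = 3600


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def seal(key: bytes, obj: dict) -> str:
    """Toy authenticated encryption (HMAC-SHA256 keystream + HMAC tag): illustration only."""
    pt = json.dumps(obj, sort_keys=True).encode()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return (nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()).hex()


def unseal(key: bytes, blob_hex: str) -> dict:
    blob = bytes.fromhex(blob_hex)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad tag: wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))


def password_key(user: str, password: str) -> bytes:
    """A human principal's master key K_A is derived from the password (PBKDF2 here)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), user.encode(), 100_000)


def authenticator(session_key: bytes, client: str, now: int) -> str:
    return seal(session_key, {"client": client, "ts": now, "nonce": secrets.token_hex(8)})


def consume_ticket(service_key: bytes, ticket: str, auth: str, now: int, replay_cache: set):
    """Checks every ticket consumer (TGS or application server) performs. Returns (client, key)."""
    t = unseal(service_key, ticket)
    if now > t["expires"]:
        raise ValueError("ticket expired")
    key = bytes.fromhex(t["key"])
    a = unseal(key, auth)  # opening it proves the sender knows the ticket's session key
    if a["client"] != t["client"]:
        raise ValueError("authenticator client does not match ticket")
    if abs(now - a["ts"]) > SKEW:
        raise ValueError("authenticator timestamp outside skew window")
    if (a["client"], a["ts"], a["nonce"]) in replay_cache:
        raise ValueError("replayed authenticator")
    replay_cache.add((a["client"], a["ts"], a["nonce"]))
    return t["client"], key


class KDC:
    def __init__(self):
        self.master = {"krbtgt": secrets.token_bytes(32)}  # protected at rest in real Kerberos
        self.replay_cache = set()

    def enroll_user(self, user: str, password: str):
        self.master[user] = password_key(user, password)

    def enroll_service(self, service: str) -> bytes:
        self.master[service] = secrets.token_bytes(32)  # configured into the service host
        return self.master[service]

    def as_exchange(self, user: str, now: int) -> str:
        """AS: per-day key S_A and a TGT, sealed under the user's master key."""
        s_a = secrets.token_bytes(32)
        tgt = seal(self.master["krbtgt"], {"client": user, "key": s_a.hex(), "expires": now + TGT_LIFETIME})
        return seal(self.master[user], {"key": s_a.hex(), "tgt": tgt})

    def tgs_exchange(self, tgt: str, auth: str, service: str, now: int) -> str:
        """TGS: validate TGT + authenticator, then issue session key K_AB and a service ticket."""
        client, s_a = consume_ticket(self.master["krbtgt"], tgt, auth, now, self.replay_cache)
        k_ab = secrets.token_bytes(32)
        ticket = seal(self.master[service], {"client": client, "key": k_ab.hex(), "expires": now + TICKET_LIFETIME})
        return seal(s_a, {"key": k_ab.hex(), "ticket": ticket})


def access_printer(kdc: KDC, user: str, password: str, printer_key: bytes, printer_cache: set, now: int):
    """Client side: log in, obtain a TGT, obtain a printer ticket, authenticate to the printer."""
    creds = unseal(password_key(user, password), kdc.as_exchange(user, now))  # K_A used once
    s_a = bytes.fromhex(creds["key"])
    reply = unseal(s_a, kdc.tgs_exchange(creds["tgt"], authenticator(s_a, user, now), "printer", now))
    k_ab = bytes.fromhex(reply["key"])
    auth = authenticator(k_ab, user, now)
    who, _ = consume_ticket(printer_key, reply["ticket"], auth, now, printer_cache)  # printer's checks
    return who, reply["ticket"], auth


def demo(password: str = "correct horse", now: int = 1_700_000_000):
    """Returns (client the printer accepted, whether a replayed authenticator was refused)."""
    kdc = KDC()
    kdc.enroll_user("alice", "correct horse")
    printer_key = kdc.enroll_service("printer")
    cache = set()
    who, ticket, auth = access_printer(kdc, "alice", password, printer_key, cache, now)
    try:
        consume_ticket(printer_key, ticket, auth, now + 1, cache)  # same authenticator again
        return who, False
    except ValueError as exc:
        return who, "replayed" in str(exc)


def wrong_password_rejected() -> bool:
    try:
        demo(password="wrong")
    except ValueError:
        return True
    return False
```

Two things worth noticing when reading the flow: the printer never talks to the KDC, because the ticket sealed under the printer's own master key is all it needs, and a wrong password is discovered only when the AS reply fails to open on the client, which is why the KDC never sees the password at all.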

Kerberos Quiz
Mark T for True or F for False:
●Kerberos provides authentication and access control
●Kerberos also distributes session keys
●To avoid over-exposure of a user's master key, Kerberos uses a per-day key and a ticket-granting ticket
●The authenticators used in requests to the KDC and application servers can be omitted
●Access to any network resource requires a ticket issued by the KDC

Lesson Summary
●Secret-key-based and public-key-based authentication
●Random challenge and response
●Impersonation attacks
●Establish a session key based on a pre-shared secret key or public keys and authentication exchanges, using a KDC or CA
●Kerberos: authentication and access control, tickets, and the ticket-granting ticket