Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dr. Nermi hamza.  A user may gain access to a particular workstation and pretend to be another user operating from that workstation.  A user may eavesdrop.

Published byLillian Jefferson Modified over 8 years ago

Similar presentations

Presentation on theme: "Dr. Nermi hamza.  A user may gain access to a particular workstation and pretend to be another user operating from that workstation.  A user may eavesdrop."— Presentation transcript:

1 Dr. Nermi hamza

2  A user may gain access to a particular workstation and pretend to be another user operating from that workstation.  A user may eavesdrop on exchanges and use a reply attack to gain entrance to a server or to disrupt operations.  A user may alter the network address of a workstation so that the requests sent from the altered workstation appear to come from the impersonated workstation. 2

3 3 ◦ Computer Network Authentication Protocol ◦ Individuals communicating over an unsecured network can prove their identity to one another in a secure manner ◦ Prevents eavesdropping or replay attacks

4  provide authentication between any pair of entities  primarily used to authenticate user-at- workstation to server  servers can build authorization and access control services on top of Kerberos

5 5  A secret key based service for providing authentication in open networks  Authentication mediated by a trusted 3rd party on the network: ◦ Key Distribution Center (KDC)

6 6  Developed in 1988 at MIT as part of Project Athena. ◦ Athena was started in 1983 with the goal to provide campus-wide access to networked computing services. ◦ Security problems (eavesdropping, forging identities, and so on) made it clear that a security solution was needed; Kerberos was the solution, based on Needham and Schroeder’s secret key protocol, with DES to handle encryption and decryption.  Since then, Kerberos has been used to provide secure access for various networked file systems and computing environments.  There are two commonly available versions of Kerberos, version 4 and version 5.

7 * AS = Authentication Server * TGS = Ticket Granting Server * SS = Service Server * TGT = Ticket Granting Ticket The client authenticates to AS using a long-term shared secret and receives a ticket from the AS. Later the client can use this ticket to get additional tickets for SS without resorting to using the shared secret. These tickets can be used to prove authentication to SS.

8 15.8 Key-Distribution Center: KDC Key-distribution center (KDC)

9 9 ASTGS Client Server KDC

10 10 ASTGS Client Server KDC TGT Authenticator SK (ticket) Server id.

11 11 ASTGS Client Server KDC Authenticator SK

12 12  Alice logs into a computer workstation  Workstation forwards the network ID to the Authentication Server (AS) unencrypted  AS sends a message which is encrypted with Alice’s key K(A) ◦ Contains a session key K(S) and a ticket for the TGS

13 13  Alice sends the following to the TGS: ◦ Ticket received from the AS ◦ Name of server she wishes to access (Bob) ◦ Timestamp which has been encrypted with K(S)  The TGS returns two tickets to Alice ◦ Each key has the session key K(AB) which allows Alice and Bob to communicate

14 14  Alice sends Bob’s ticket together with an time-stamp encrypted with K(AB) to Bob  Bob confirms receipt by adding 1 to the time-stamp, which is encrypted with K(AB) and sent to Alice  Alice and Bob can now freely conduct transaction using K(AB) as the symmetric shared key

15 15  Kerberos caches tickets and encryption keys (collectively called credentials)  Have a limited life  Allows a user to obtain tickets and encryption keys without requiring the re- entry of the user's password

16 16  Suppose a client C wants to communicate with a server S in a Kerberos version 5 realm. Step 1:  The first step is for the client to authenticate itself with the Kerberos Authentication Service and request a Ticket Granting Ticket.  This requests a ticket for client (C) for the Ticket Granting Service (TGS), with N 1 as a timestamp nonce. C AS C, K C-AS (TGS, N 1 )

17 17 Step 2:  When the Authentication Service receives the request, it decrypts the request and verifies the client’s identity. It then generates a session key for the client and Ticket Granting Service to use, as well as a ticket. It sends back: where TGT = (C, TGS, T 1, L 1, K C-TGS ) T 1, L 1 are the ticket’s timestamp and lifespan  Since this is encrypted with C’s secret key, only the client can make use of it, and only the Authentication Service could have sent it. C AS E[K C-AS, (K C-TGS, K AS-TGS (TGT),N 1 )]

18

19

20 20 Step 3:  With the client authenticated, it decrypts the response to get a session key for the Ticket Granting Service and a ticket- granting ticket.  When the client needs to contact the server S, it creates a fresh authenticator (AUTH) and requests a ticket from the Ticket Granting Service: where AUTH=(C, ADc, N 3 ) C TGS K C-TGS (AUTH), K AS-TGS (TGT), S, N 2

21 21 Step 4:  The Ticket Granting Service decrypts the ticket-granting ticket and obtains the session key within it.  The service decrypts the authenticator and compares client identifiers in the authenticator and ticket.  The service generates a new session key for the client and server, as well as a service ticket, and sends: where STK = (C, S, T 2, L 2, K C-S ) T 2, L 2 are the ticket’s timestamp and lifespan  Since this is encrypted with the session key, only the client can make use of it, and only the Ticket Granting Service could have sent it. C TGS K C-TGS (K C-S, K S-AS (STK),N 2 )

22

23

24

25 25 Step 5:  The client decrypts the response from the Ticket Granting Service to get the session key for the server and a service ticket to use with it.  When the client needs to contact the server S, it creates a fresh authenticator (AUTH) and sends this, along with the service ticket, and its request R: where AUTH=(C, N 5 ) C S K C-S (AUTH), K S-AS (STK), R, N 4

26 26 Step 6:  The server decrypts the service ticket and obtains the session key within it.  The server decrypts the authenticator and compares client identifiers in the authenticator and ticket.  The server executes request R and replies with answer A, and the nonce in the client’s request.  Since this is encrypted with the session key, only the client can make use of it, and only server could have sent it. The session key can be used for additional requests in this session, and then destroyed. C S K C-S (A, N 4 )

27

28

29 29 C ASTGSS C, K C-AS (TGS, N 1 ) K C-AS (K C-TGS, K AS-TGS (TGT),N 1 ) K C-TGS (AUTH), K AS-TGS (TGT), S, N 2 K C-TGS (K C-S, K S-AS (STK),N 2 ) K C-S (AUTH), K S-AS (STK), R, N 4 K C-S (A, N 4 )

30 30  Kerberos Encryption ◦ User's encryption key is derived from their password ◦ Uses the data encryption standard ◦ Symmetric cryptography  The Kerberos Ticket  Ticket Granting Server

31 31  A = user requesting the service  B = the service requested  TGS = Ticket Granting Server issues “proof of identity tickets”  AS = Authentication Server verifies users during login  S = session key  t = timestamp  K = key (encryption, decryption)

32 32

33  Authentication  Authorization  Confidentiality  Within networks and small sets of networks

34 15.34 The minor differences between version 4 and version 5 are briefly listed below: Kerberos Version 5 1)Version 5 has a longer ticket lifetime. 2)Version 5 allows tickets to be renewed. 3)Version 5 can accept any symmetric-key algorithm. 4)Version 5 uses a different protocol for describing data types. 5)Version 5 has more overhead than version 4.

35 15.35 Kerberos allows the global distribution of ASs and TGSs, with each system called a realm. A user may get a ticket for a local server or a remote server. The concept of realm can be : is set of managed nodes that share the same Kerberos database Realms

36

37  The Kerberos protocol operates across organizational boundaries. If an organization wants to have local control of authentication of its users, it can run its own Kerberos server. All the users and applications that use a Kerberos server compose a realm. The name of the realm in which a client is registered is part of the client's name and can be used by the application server to decide whether to honor a request.

38

39

Download ppt "Dr. Nermi hamza.  A user may gain access to a particular workstation and pretend to be another user operating from that workstation.  A user may eavesdrop."

Similar presentations

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.6 Kerberos.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.6 Kerberos.
1 Kerberos Anita Jones November, 2006. 2 Kerberos * : Objective Assumed environment Assumed environment –Open distributed environment –Wireless and Ethernetted.

1 Kerberos Anita Jones November, Kerberos * : Objective Assumed environment Assumed environment –Open distributed environment –Wireless and Ethernetted.
AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi

Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi
CS5204 – Operating Systems 1 A Private Key System KERBEROS.

CS5204 – Operating Systems 1 A Private Key System KERBEROS.
Chapter 10 Real world security protocols

Chapter 10 Real world security protocols
KERBEROS A NETWORK AUTHENTICATION PROTOCOL Nick Parker CS372 Computer Networks.

KERBEROS A NETWORK AUTHENTICATION PROTOCOL Nick Parker CS372 Computer Networks.
Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.

Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
NETWORK SECURITY.

NETWORK SECURITY.
IT 221: Introduction to Information Security Principles Lecture 8:Authentication Applications For Educational Purposes Only Revised: October 20, 2002.

IT 221: Introduction to Information Security Principles Lecture 8:Authentication Applications For Educational Purposes Only Revised: October 20, 2002.
Authentication Applications The Kerberos Protocol Standard

Authentication Applications The Kerberos Protocol Standard
SCSC 455 Computer Security

SCSC 455 Computer Security
Kerberos Part 2 CNS 4650 Fall 2004 Rev. 2. PARC Once Again Once again XEROX PARC helped develop the basis for wide spread technology Needham-Schroeder.

Kerberos Part 2 CNS 4650 Fall 2004 Rev. 2. PARC Once Again Once again XEROX PARC helped develop the basis for wide spread technology Needham-Schroeder.
1 Kerberos Revised: June 21, 2006, Version 2 Team 2 Members John Casarella Dave Fronckowiak Larry Immohr Linda Liu Sandy Westcott.

1 Kerberos Revised: June 21, 2006, Version 2 Team 2 Members John Casarella Dave Fronckowiak Larry Immohr Linda Liu Sandy Westcott.
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Similar presentations

Ads by Google