Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Kerberos Anita Jones November, 2006. 2 Kerberos * : Objective Assumed environment Assumed environment –Open distributed environment –Wireless and Ethernetted.

Published byHarry Timbs Modified over 10 years ago

Similar presentations

Presentation on theme: "1 Kerberos Anita Jones November, 2006. 2 Kerberos * : Objective Assumed environment Assumed environment –Open distributed environment –Wireless and Ethernetted."— Presentation transcript:

1 1 Kerberos Anita Jones November, 2006

2 2 Kerberos * : Objective Assumed environment Assumed environment –Open distributed environment –Wireless and Ethernetted –Users wish to access services on servers –Need to restrict access to authorized users –Need to authenticate requests for service * Greek mythology – many headed dog who guards the entrance to Hades * Implemented at MIT as part of Project Athena

3 3 Kerberos : Objective Provide authentication service Provide authentication service –Clients to servers –Servers to clients

4 4 Kerberos: Strategy What NOT to do: What NOT to do: –Does not rely on workstation OS to assure identity of clients/users –Does not rely on server to provide stand- alone authentication service –Does not force clients to prove identity over and over –Does not rely on client to determine identity of each service invoked Provide an authentication service Provide an authentication service

5 5 When is authentication useful? –Once per creation of new user Once per user logon session Once per user logon session Once per type of service Once per type of service Once per service session Once per service session –Once per service request Kerberos provides the middle three services

6 6 Kerberos: Strategy Knows about the existence of users and servers Knows about the existence of users and servers –Shares (different) symmetric key with each More recent versions of Kerberos use public/private keys More recent versions of Kerberos use public/private keys We will not discuss key distribution here We will not discuss key distribution here Uses capabilities – calls them tickets Uses capabilities – calls them tickets –Key property – tickets are unforgeable Passes out tickets on request Passes out tickets on request –Key points – form of the tickets, when they are useful, and where they are useful

7 7 Kerberos: Strategy – more detail Kerberos has a table of Kerberos has a table of –Identity of users & servers –Net address of clients & servers –Current user password Key/password distribution, i.e. initialization & update discussed earlier in course Key/password distribution, i.e. initialization & update discussed earlier in course Uses DES for encryption Uses DES for encryption Kerberos provides a Ticket granting server (tgs). Tickets that it creates must be Kerberos provides a Ticket granting server (tgs). Tickets that it creates must be –Unforgeable –Non-replayable –Authenticated

8 8 Assumption – key sharing Kerberos composed of AS plus TGS Kerberos composed of AS plus TGS AS (authentication server) shares a secret key with each user AS (authentication server) shares a secret key with each user –Typically called ID C – C is the client machine TGS (ticket granting server) TGS (ticket granting server) –TGS shares secret key with each known server –Server machine and server software notated as the same Each user and service share a secret key Each user and service share a secret key

9 9 Three authentication services Transactions: Transactions: –Authenticate user – client machine talks to AS (authentication service) when user logs on User receives authentication ticket (ticket-granting ticket) User receives authentication ticket (ticket-granting ticket) –Get ticket to use a server – client machine talks to TGS when user first wants to use a particular service User receives a service-granting ticket User receives a service-granting ticket –Service session – client workstation proffers ticket to server that is good for the session User may require server to authenticate self to user User may require server to authenticate self to user

10 10 Protocol 1 – get ticket-granting ticket simple illustration Once per client logon session: Once per client logon session: 1 C AS: ID C, ID tgs 2 AS C: E KC [ ticket tgs ] Notes: comma indicates concatenation AS is authentication service of Kerberos ID C – name of the user on client C ID tgs – client C is asking for TGS service from Kerberos E KC is encryption with key derived from Cs password ticket tgs – ticket C uses to get service from TGS

11 11 Ticket (ticket-granting ticket) from TGS ticket tgs = E Ktgs [ ID C, AD C, ID tgs, Time 1, Lifetime 1 ] Notes: E Ktgs – key known only to AS and TGS ID C – identity of client C AD C – network address of C Time 1 – TGS-created time stamp Lifetime 1 – ticket lifetime

12 12 Protl 2 – get service-granting ticket simple illustration Get service-granting ticket – at first request for a particular service Get service-granting ticket – at first request for a particular service 1 C TGS: ID C, ID v, ticket tgs 2 TGS C: ticket v Notes: ticket V is ticket that server V will accept as valid TGS knows whether ID C is allowed to use service V ticket V has same form as ticket tgs

13 13 Ticket (service V) from TGS ticket V = E KVTGS [ ID C, AD C, ID V, Time 2, Lifetime 2 ] Notes: E KVtgs – key known only to TGS and V ID C – identity of user on client C AD C – network address of C Time 2 – TGS created time stamp Lifetime 2 – ticket lifetime

14 14 Protocol 3 – to obtain the service simple illustration Once per service session: Once per service session: 1 C V: ID C, ticket V Note: C gives user name & submits ticket for Vs service

15 15 It aint quite that simple It aint quite that simple Tickets are a little more complex Tickets are a little more complex –Time stamps – limit replay of requests for tickets –Ensure clocks of various computers are sufficiently in synch –Tickets have a lifetime validity stamp We have not dealt with users who rove among multiple workstations We have not dealt with users who rove among multiple workstations –Client/user and the clients workstation OS are not the same thing

16 16 Protocol 1 – more complete get ticket-granting ticket Once per client logon session: Once per client logon session: 1 C AS: ID C, ID tgs, Time 1 2 AS C: E KC [K C,tgs, ID tgs, Time 2, Lifetime 2, ticket tgs ] Notes: Time1 is time from Cs clock; AS assures that clocks are sufficiently in synch E KC – encryption with key derived from ID C s password K C,tgs – session key created by TGS; permits secure exchange for AS & ID C for the session

17 17 Full Ticket-granting ticket ticket tgs = E Ktgs [ K C,tgs, ID C, AD C, ID tgs, Time 2, Lifetime 2 ] Notes: E Ktgs – key known only to AS and TGS K C,tgs – session key available to user; permits secure exchange for TGS & C for the session ID C – identifier for user on machine C AD C – network address of machine C Time 2 – time stamp created for this ticket Lifetime 2 – ticket lifetime

18 18 Protl 2 – get service-granting ticket fuller illustration Get service-granting ticket – at first request for a particular service Get service-granting ticket – at first request for a particular service 1 C TGS: ID v, ticket tgs, auth C 2 TGS C: E KC,tgs [K C,V, ID V, Time 4, ticket V ] Note: ticket V – ticket that server will accept as valid and then deliver service K C,V – secure session key that C and server V use auth C – generated by user to validate ticket; encrypted with K C,tgs

19 19 Full service-granting ticket ticket v = E KVtgs [ K C,V, ID C, AD C, ID V, Time 4, Lifetime 4 ] Notes: E KVtgs – key derived from servers password; known only to TGS and V; prevents tampering K C,V – session key available to user; permits secure exchange for V & ID C for the session ID C – identifier of user on C; ditto V AD C – network address of C Time 4 – time stamp created for this ticket Lifetime 4 – ticket lifetime

20 20 Authenticator (auth C ) auth C = E KC,tgs [ ID C, AD C, Time 3 ] Notes: Authenticator created by user to assure TGS that ticket presenter is same as user for whom ticket was issued; intended for one time use; timestamp limits replay K C,tgs – session key available to user; permits secure exchange for TGS &ID C for the session Time 3 – time stamp created for this authenticator

21 21 Protocol 3 – to gain service fuller illustration Once per service session: Once per service session: 1 C V: ticket V, auth C 2 V C: E Kc,v [Time 5 + 1] Note: Step 2 is for server V to authenticate to client C auth C is similar to that in protocol 2; includes Time 5

22 22 Authenticator (auth C ) auth C = E KC,V [ ID C, AD C, Time 5 ] Notes: Authenticator created by user to assure V that ticket presenter is same as user for whom ticket was issued; intended for one time use; timestamp limits replay K C,V – session key available to user and V permits secure session exchange for V & ID C Time 5 – time stamp created for this authenticator

23 23 Kerberos – End

Download ppt "1 Kerberos Anita Jones November, 2006. 2 Kerberos * : Objective Assumed environment Assumed environment –Open distributed environment –Wireless and Ethernetted."

Similar presentations

ISA 662 Internet Security Protocols Kerberos Prof. Ravi Sandhu.

ISA 662 Internet Security Protocols Kerberos Prof. Ravi Sandhu.
Business Transaction Management Software for Application Coordination 1 www.choreology.com Business Processes and Coordination.

Business Transaction Management Software for Application Coordination 1 Business Processes and Coordination.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.6 Kerberos.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.6 Kerberos.
AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi

Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi
The Authentication Service ‘Kerberos’ and It’s Limitations

The Authentication Service ‘Kerberos’ and It’s Limitations
Henric Johnson1 Chapter 4 Authentication Applications Henric Johnson Blekinge Institute of Technology,Sweden

Henric Johnson1 Chapter 4 Authentication Applications Henric Johnson Blekinge Institute of Technology,Sweden
CS5204 – Operating Systems 1 A Private Key System KERBEROS.

CS5204 – Operating Systems 1 A Private Key System KERBEROS.
A less formal view of the Kerberos protocol J.-F. Pâris.

A less formal view of the Kerberos protocol J.-F. Pâris.
Chapter 10 Real world security protocols

Chapter 10 Real world security protocols
KERBEROS LtCdr Samit Mehra (05IT 6018).

KERBEROS LtCdr Samit Mehra (05IT 6018).
KERBEROS A NETWORK AUTHENTICATION PROTOCOL Nick Parker CS372 Computer Networks.

KERBEROS A NETWORK AUTHENTICATION PROTOCOL Nick Parker CS372 Computer Networks.
Authentication Applications

Authentication Applications
1 Authentication Applications Ola Flygt Växjö University, Sweden +46 470 70 86 49.

1 Authentication Applications Ola Flygt Växjö University, Sweden
Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.

Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
NETWORK SECURITY.

NETWORK SECURITY.
Kerberos and X.509 Fourth Edition by William Stallings

Kerberos and X.509 Fourth Edition by William Stallings
CSCE 815 Network Security Lecture 10 KerberosX.509 February 13, 2003.

CSCE 815 Network Security Lecture 10 KerberosX.509 February 13, 2003.

Similar presentations

Ads by Google