
Slide 1: Efficient Kerberized Multicast
Olga Kornievskaia, University of Michigan
Giovanni Di Crescenzo, Telcordia Technologies

Slide 2: Outline
- Efficient cross-realm authentication in Kerberos
  - Review original Kerberos
  - Propose a new extension for distributed operations in Kerberos
- Multi-center multicast encryption schemes
  - Review single-center schemes
  - Extend common schemes to the distributed setting
- Integrating Kerberos with multicast encryption schemes

Slide 3: Motivation
- Increasing interest in group communication applications
  - Audio and video conferencing, data casting, collaborative applications
- Problem: security
- Goal: provide a practical solution

Slide 4: System Model
[Diagram: intranets with fast links, connected to each other over the slow Internet]

Slide 5: Kerberos
- Based on the Needham-Schroeder protocol
- Doesn't use asymmetric key crypto (fast)
- Relies on a trusted third party (KDC)
- Authentication is based on special data structures: tickets
- Notation
  - KDC: Key Distribution Center
  - TGS: Ticket Granting Service
  - Alice, Bob: Kerberos principals
  - K_{A,B}: key shared by Alice and Bob
  - K_A: key derived from Alice's password
  - TGT: ticket granting ticket
  - T: nonce (timestamp) used to protect against replay attacks

Slide 6: Kerberos: Login Phase
[Message flow between Alice and the KDC]
Alice -> KDC: "Hi, I'm Alice"
KDC -> Alice: TGT = {Alice, TGS, K_{A,TGS}}K_TGS, {K_{A,TGS}, T}K_A

Slide 7: Kerberos: Service Ticket Request
[Message flow between Alice and the TGS; Bob is the requested service]
Alice -> TGS: Alice, Bob, TGT
TGS -> Alice: TKT = {Alice, Bob, K_{A,B}}K_B, {K_{A,B}, T}K_{A,TGS}

Slide 8: Kerberos: Application Request
[Message flow between Alice and Bob; the KDC is not contacted]
Alice -> Bob: Alice, TKT, {Request}K_{A,B}

Slide 9: Distributed Operations in Kerberos
- Multiple Kerberos realms
  - Each realm administers local principals
  - No replication of data
- Off-line phase
  - Shared keys established between participating KDCs
- Example: Wonderland and Oz
  - K_{W,Oz}: shared key between the two KDCs
  - Alice@Wonderland, Bob@Oz

Slide 10: Cross Realm Kerberos: Local Request
[Message flow between Alice@Wonderland and TGS@Wonderland; Bob@Oz is the target]
Alice@Wonderland -> TGS@Wonderland: Alice@Wonderland, Bob@Oz, TGT
TGS@Wonderland -> Alice@Wonderland: RTGT = {Alice@Wonderland, TGS@Oz, K_{A,TGS@Oz}}K_{W,Oz}, {K_{A,TGS@Oz}, T}K_{A,TGS@W}

Slide 11: Cross Realm Kerberos: Remote Request
[Message flow between Alice@Wonderland and TGS@Oz, over the Internet]
Alice@Wonderland -> TGS@Oz: Alice@Wonderland, Bob@Oz, RTGT
TGS@Oz -> Alice@Wonderland: TKT = {Alice@Wonderland, Bob@Oz, K_{A,B}}K_B, {K_{A,B}, T}K_{A,TGS@Oz}

Slide 12: Cross Realm Kerberos
[Message flow between Alice@Wonderland and Bob@Oz]
Alice@Wonderland -> Bob@Oz: Alice@Wonderland, TKT, {Request}K_{A,B}

Slide 13: Efficient Cross Realm Protocol
- Can we improve:
  - Network delays
  - KDC workload
  - Client workload
- Compatible with the non-distributed version of Kerberos

Slide 14: Fake Ticket Protocol: Step 1
[Message flow between Alice@Wonderland and TGS@Wonderland, local to the intranet]
Alice@Wonderland -> TGS@Wonderland: Alice@Wonderland, Bob@Oz, TGT
TGS@Wonderland -> Alice@Wonderland: FTKT = {Alice@Wonderland, Bob@Oz, K_{A,B}}K_{W,Oz}, {K_{A,B}, T}K_{A,TGS@W}

Slide 15: Protocol: Step 2
[Message flow between Alice@Wonderland and Bob@Oz, the only Internet message]
Alice@Wonderland -> Bob@Oz: Alice@Wonderland, FTKT, {Request}K_{A,B}

Slide 16: Protocol: Step 3
[Message flow between Bob@Oz and TGS@Oz, local to Bob's intranet]
Bob@Oz -> TGS@Oz: TGT (Bob's own), FTKT
TGS@Oz -> Bob@Oz: TKT = {Alice@Wonderland, Bob@Oz, K_{A,B}}K_B, {K_{A,B}, T}K_{B,TGS@Oz}
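The three steps of the fake ticket protocol (slides 14 to 16), simulated end to end. This is an added example, not code from the presentation: the realm keys, principal names and the `seal`/`unseal` stand-in for Kerberos encryption are all constructed for the demo, and the `"T"` fields are placeholders for the timestamp.

```python
import hashlib, hmac, json, os, secrets

# Toy stand-in for Kerberos' {m}K (demo only, not a real cipher): SHAKE-256
# keystream from key||nonce, then an HMAC-SHA256 tag over nonce||ciphertext.
def seal(key, fields):
    nonce, plain = os.urandom(16), json.dumps(fields, sort_keys=True).encode()
    ct = bytes(p ^ s for p, s in zip(plain, hashlib.shake_256(key + nonce).digest(len(plain))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("ticket rejected: wrong key or tampered")
    return json.loads(bytes(c ^ s for c, s in zip(ct, hashlib.shake_256(key + nonce).digest(len(ct)))))

# Long-term keys, constructed for the demo. K_W_OZ is the off-line inter-realm key.
K_TGS_W, K_TGS_OZ, K_W_OZ, K_B = [secrets.token_bytes(32) for _ in range(4)]
K_A_TGS_W, K_B_TGS_OZ = secrets.token_bytes(32), secrets.token_bytes(32)
TGT_A = seal(K_TGS_W, {"client": "Alice@Wonderland", "key": K_A_TGS_W.hex()})
TGT_B = seal(K_TGS_OZ, {"client": "Bob@Oz", "key": K_B_TGS_OZ.hex()})

def tgs_wonderland(client, server, tgt):
    """Step 1: Alice's local TGS issues FTKT under K_{W,Oz} plus {K_{A,B}, T} for Alice."""
    k_a_tgs = bytes.fromhex(unseal(K_TGS_W, tgt)["key"])
    k_ab = secrets.token_bytes(32)
    ftkt = seal(K_W_OZ, {"client": client, "server": server, "key": k_ab.hex()})
    return ftkt, seal(k_a_tgs, {"key": k_ab.hex(), "T": 1})   # T: timestamp placeholder

def tgs_oz(tgt, ftkt):
    """Step 3: Bob's TGS opens FTKT with K_{W,Oz} and re-issues it as TKT under K_B."""
    bob = unseal(K_TGS_OZ, tgt)              # Bob's own TGT authenticates the requester
    t = unseal(K_W_OZ, ftkt)                 # only a KDC holding K_{W,Oz} can open this
    if t["server"] != bob["client"]:
        raise ValueError("fake ticket was not issued for this principal")
    return seal(K_B, t), seal(bytes.fromhex(bob["key"]), {"key": t["key"], "T": 2})

def run_protocol(request="read /shared/file"):
    """Whole exchange; returns the request as Bob decrypts it with K_{A,B} from the TKT."""
    ftkt, enc = tgs_wonderland("Alice@Wonderland", "Bob@Oz", TGT_A)       # step 1 (intranet)
    k_ab = bytes.fromhex(unseal(K_A_TGS_W, enc)["key"])
    msg = ("Alice@Wonderland", ftkt, seal(k_ab, {"request": request}))    # step 2 (Internet)
    tkt, _ = tgs_oz(TGT_B, msg[1])                                        # step 3 (intranet)
    k_ab_bob = bytes.fromhex(unseal(K_B, tkt)["key"])
    return unseal(k_ab_bob, msg[2])["request"]
```

Alice never talks to TGS@Oz: the only Internet message is step 2, and Bob's local TGS, not Alice, converts the fake ticket into a real one.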

Slide 17: Evaluation
- Minimizes the number of Internet (slow) messages
- Reduces the workload on the client (Alice)
- Alice's software doesn't need to be modified
- Extends easily to sending a message to a group

Slide 18: Outline
- Efficient cross-realm authentication in Kerberos
- Multi-center multicast encryption schemes
- Integrating Kerberos with multicast encryption schemes

Slide 19: Multicast Encryption
- Methods for performing secure communication among a group of users
- Key management problem:
  - Join/leave operations
- Non-collaborative schemes:
  - A single center is responsible for managing keys
- Schemes are evaluated based on:
  - Communication complexity
  - Storage complexity (both center and user)

Slide 20: Minimal Storage Scheme
- Users store two keys:
  - K_G: group key
  - K_{I,C}: individual key shared with the center
- Center stores two keys:
  - K_G: group key
  - K_M: secret key used to generate the individual users' keys
- Key update operation has linear communication cost

Slide 21: Tree-based Schemes
- Build a logical tree
- Each node represents a key:
  - Root: group key
  - Leaves: individual user keys
- A user stores all keys on the path from its leaf to the root
  - User storage complexity is logarithmic
- The center stores all keys in the tree
  - Center storage complexity is linear

Slide 22: Tree-based Schemes (cont.)
- Key update operation requires a logarithmic number of messages:
  - Change all keys on the path from the removed leaf to the root
  - Use the siblings' keys to distribute the new keys
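The leave operation of slides 21 and 22, worked as a simulation: a center rekeys the path from the removed leaf to the root and sends each new key under the surviving children's keys, and members apply only the messages they can open. Added example, not the presentation's code; the tree layout, the 16-byte random keys and the `demo` parameters are constructed for the demo.

```python
import secrets
from math import log2

class LKHCenter:
    """Single-center logical key tree: complete binary tree with n leaves (n a power
    of two). Node 0 is the root (group key), node i has children 2i+1 and 2i+2, and
    user u owns leaf n-1+u. Keys are random bytes (constructed for the demo)."""
    def __init__(self, n):
        self.n = n
        self.keys = {i: secrets.token_bytes(16) for i in range(2 * n - 1)}

    def path(self, user):
        """Node ids from the user's leaf up to the root: the keys that user holds."""
        node, nodes = self.n - 1 + user, []
        while node > 0:
            nodes.append(node)
            node = (node - 1) // 2
        return nodes + [0]

    def user_keys(self, user):
        return {i: self.keys[i] for i in self.path(user)}

    def leave(self, user):
        """Rekey every node from the removed leaf's parent to the root, bottom up; each new
        key goes out once per surviving child under that child's (already updated) key."""
        leaf, msgs = self.n - 1 + user, []          # msgs: (node, enc_key, new_key)
        for node in self.path(user)[1:]:
            new = secrets.token_bytes(16)
            for child in (2 * node + 1, 2 * node + 2):
                if child != leaf:                    # the leaver's key never encrypts anything
                    msgs.append((node, self.keys[child], new))   # models {K'_node}K_child
            self.keys[node] = new
        del self.keys[leaf]
        return msgs

def apply_rekey(held, msgs):
    """Member side: a rekey message is readable only if the member holds its encrypting key."""
    held = dict(held)
    for node, enc_key, new in msgs:
        if enc_key in held.values():
            held[node] = new
    return held

def demo(n=8, leaver=0, stayer=1):
    # Returns (messages sent, 2*log2(n)-1, stayer recovered its path, leaver got new group key)
    center = LKHCenter(n)
    old_leaver, old_stayer = center.user_keys(leaver), center.user_keys(stayer)
    msgs = center.leave(leaver)
    stayer_ok = apply_rekey(old_stayer, msgs) == center.user_keys(stayer)
    leaver_learns = center.keys[0] in apply_rekey(old_leaver, msgs).values()
    return len(msgs), int(2 * log2(n) - 1), stayer_ok, leaver_learns
```

For n leaves the leave costs 2*log2(n) - 1 messages (the removed leaf's parent has only one surviving child), which is the logarithmic cost the slide states.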

Slide 23: Multi-center Multicast: First Look
- Multiple centers managing separate sets of clients
- Build a single binary tree
- Replicate the tree at each center
- Key updates require only local communication
- Inefficient center and user storage:
  - Total center storage is O(n^2)
  - Each center stores keys for clients it doesn't manage

Slide 24: Extended Tree-based Multi-center
- Each center manages M users
- Each center builds a logical tree (size M)
- Each user stores O(log M) keys
- All centers share a key, K_C
- Key update operation requires (log M + N/M) messages
- Center storage summed over all centers is linear

Slide 25: Huffman Tree-based Multi-center
- Each center has a different number of users
- Binary tree schemes don't provide an optimal tree
- Each center builds a local tree
- Associate a codeword with each center
- Run the Huffman algorithm to obtain a minimal tree
- The tree structure is kept by all centers
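The center-level tree of slide 25, built with Huffman's algorithm weighted by each center's user count. Added example, not the presentation's code; it assumes, as in the extended scheme, that a user holds its local-tree path keys plus one key per edge of its center's codeword, and the center sizes are constructed for the demo.

```python
import heapq
from math import ceil, log2

def huffman_center_codewords(users_per_center):
    """Huffman's algorithm over the centers, weighted by the number of users each
    manages. Returns {center: codeword}; the codeword spells the path from the
    shared root down to that center's local tree."""
    heap = [(m, i, [c]) for i, (c, m) in enumerate(users_per_center.items())]
    heapq.heapify(heap)
    code = {c: "" for c in users_per_center}
    tie = len(heap)                       # unique tiebreaker so equal weights never compare lists
    while len(heap) > 1:
        w0, _, left = heapq.heappop(heap)
        w1, _, right = heapq.heappop(heap)
        for c in left:
            code[c] = "0" + code[c]       # merged node becomes a new parent: prepend one bit
        for c in right:
            code[c] = "1" + code[c]
        heapq.heappush(heap, (w0 + w1, tie, left + right))
        tie += 1
    return code

def keys_per_user(users_per_center, code):
    """Keys a user of each center holds: local path (ceil log2 M) plus the
    center-level keys on the codeword path up to the group key."""
    return {c: ceil(log2(m)) + len(code[c]) for c, m in users_per_center.items()}

def weighted_depth(users_per_center, code):
    """Average number of center-level keys per user; Huffman minimizes this."""
    total = sum(users_per_center.values())
    return sum(m * len(code[c]) for c, m in users_per_center.items()) / total

def balanced_depth(users_per_center):
    """Same measure for a balanced binary tree over the centers, for comparison."""
    return ceil(log2(len(users_per_center)))
```

With four centers of 1000, 100, 10 and 1 users the Huffman tree puts the big center one level below the root and the tiny one three levels down, so the user-weighted depth drops from 2 (balanced) to about 1.11.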

Slide 26: Outline
- Efficient cross-realm authentication in Kerberos
- Multi-center multicast encryption schemes
- Integrating Kerberos with multicast encryption schemes

Slide 27: Integration of Kerberos with Multicast Schemes
- Need to extend Kerberos to sending a message to a group
  - N clients
  - Each KDC manages M clients
- Notation
  - K_G: group key
  - K_C: key shared among all KDCs

Slide 28: Kerberized Multicast
[Message flow between Alice and her KDC]
Alice -> KDC: Alice, Group, TGT
KDC -> Alice: RTGT_1, ..., RTGT_{N/M} (one remote TGT per KDC)

Slide 29: Integration Illustrated
[Diagram: Alice presents the RTGTs to the remote KDCs]

Slide 30: Integration Illustrated (cont.)
[Diagram: each remote KDC returns service tickets for the group members it manages]
KDC_I -> Alice: TKT_{I1}, ..., TKT_{Ik}
KDC_J -> Alice: TKT_J
KDC_K -> Alice: TKT_{K1}, ..., TKT_{Km}

Slide 31: Integration Illustrated (cont.)
[Diagram: Alice sends the group message with one ticket per member]
Alice -> Group: Alice, TKT_1, ..., TKT_N

Slide 32: Kerberized Multicast with Fake Tickets
[Message flow between Alice and her KDC]
Alice -> KDC: Alice, Group, TGT
KDC -> Alice: FTKT_G = {Alice@Wonderland, Group, K_G}K_C

Slide 33: Integration Illustrated
[Diagram: Alice sends the single fake group ticket to the group]
Alice -> Group: Alice, FTKT_G

Slide 34: Integration Illustrated (cont.)
[Diagram: each member presents the fake group ticket to its own KDC]
Member I -> KDC_I: TGT_I, FTKT_G
Member J -> KDC_J: TGT_J, FTKT_G
Member K -> KDC_K: TGT_K, FTKT_G

Slide 35: Integration Illustrated (cont.)
[Diagram: each KDC returns a real ticket to its member]
KDC_I -> Member I: TKT_I
KDC_J -> Member J: TKT_J
KDC_K -> Member K: TKT_K

Slide 36: Conclusion
- Presented an extension to Kerberos for cross-realm authentication
  - Eliminates Internet (slow) communications
- Presented an extension to multicast encryption schemes that optimizes for multiple centers
- Explored integrating cross-realm authentication with multicast encryption schemes
