Presentation is loading. Please wait.

Presentation is loading. Please wait.

Kerberized Credential Translation Olga Kornievskaia Peter Honeyman Bill Doster Kevin Coffman Center for Information Technology Integration University of.

Published byDarin Knocke Modified over 9 years ago

Similar presentations

Presentation on theme: "Kerberized Credential Translation Olga Kornievskaia Peter Honeyman Bill Doster Kevin Coffman Center for Information Technology Integration University of."— Presentation transcript:

1 Kerberized Credential Translation Olga Kornievskaia Peter Honeyman Bill Doster Kevin Coffman Center for Information Technology Integration University of Michigan, Ann Arbor

2 Two worlds u Kerberos is a widely used authentication mechanism u login, AFS, mail, LDAP u SSL is used to establish secure connections on the Web u https, SSL-enabled Telnet u Need interoperability mechanisms

3 Webs Access Control u Example: access AFS content via the Web u AFS is Kerberos protected, not SSL u Web Server needs user’s Kerberos creds u Candidate solutions u World-readable files u file://afs/citi.umich.edu/u/... u Other problems requiring web access control u Kerberized X.500 directory via Web u Kerberized IMAP/POP mail servers via Web

4 Existing solutions and related work u Accessing Kerberized services via the Web u Send id and password (securely) to the Web Server u Grants Web Server broad powers to impersonate the user u Kerberos authentication in TLS with support for delegation u Not supported by browsers u No mechanism for fine-grained delegation u Perform access control at the Web Server

5 The best of both worlds u Leverage Kerberos to solve PKI key management problem u Use strong authentication over the Web u Provide Web Interface for Kerberized services through the Web Server u Use existing infrastructures

6 Design Components u KX.509 creates short-lived certificates u Web Server acquires Kerberos credentials on client’s behalf u Kerberized Credential Translator (KCT): u Translates client’s PK credentials to Kerberos u WebAFS prototype

7 KX.509 (junk keys) u Client acquires a service ticket for KCA u Then generates a public-private key pair u And sends the public key to KCA for signing u Service ticket, public key, MAC sk (PK) u KCA generates a certificate u Uses X.500 to map client identification u Expiry of the certificate is set to that of the Kerberos creds u KCA sends the certificate back to the client u X.509 cert, MAC sk (cert)

8 KX.509 u Client stores certificate in Kerberos ticket cache u Netscape manages its own certificates and is unaware of KX.509 certs u Added a cryptographic module to Netscape u Netscape calls our module when SSL client authentication is requested

9 Web Server u Authenticates client with SSL u Records transcript of SSL handshake u Sends SSL transcript to KCT u Receives and caches Kerberos credentials u Authenticates to a backend service (say, AFS) with received credentials

10 Kerberized Credential Translator u Kerberos authenticates the Web Server u Receives and verifies an SSL transcript u Verifies client/server certs u Verifies client’s signature in CLIENT_VERIFY u Matches server identities in server cert and server ticket u Assures freshness of the transcript u Issues a service ticket for the client to the Web Server

11 KCT u Requires access to KDC database u Needs the same physical security u In practice, runs on the same machine u Avoids challenge of consistent replication u Achieves physical security requirement

12 Performance u End-to-end delays u 133 MHz Pentium, Red Hat 6.2 (2.2 kernel) First access to index.html 4.040 s Subsequent access to server 1.252 s Accesses within a page (e.g, images) 0.022 s

13 Summary u A solution for Web Access Control u KX.509 provides single sign-on capability u Illustrated how an SSL handshake can be used as a delegation mechanism u Introduced a new mechanism to translate PK credentials to Kerberos

14 Any questions?

15 Extra slides from here on….

16 Discussion u KX.509 u anonymous certificates u KCT u More powerful authorization model u Different (not KX.509) PK – Kerberos identity mapping u Extensions u Any SSL-enabled server (telnet): no more passwords

17 Overview of Kerberos u Initial authentication u Request for a Ticket Granting Ticket u Request for a service ticket u Authentication to a Kerberized server

18 Overview of SSL u Provides secure connections u Entity authentication u Public key challenge-response protocol + X.509 certs u RSA, DH, Fortezza u Message confidentiality u DES, 3DES, RC2, RC4, IDEA u Message integrity u MD5, SHA u Consists of 2 protocols: record and handshake

19 SSL handshake ClientHello Certificate ClientKeyExchange CertificateVerify Finished ServerHello Certificate CertificateRequest ServerHelloDone Finished

20 Inside SSL handshake  ClientHello u version, timestamp, random, session id, cipher suite  Certificate u X.509 certificate, CA chain  ClientKeyExchange u [Key material] WSPK (in RSA)  ClientVerify u [HMAC MK (handshake msgs)] CPR

21 Important in SSL handshake u Timestamp serves as a nounce u Used as a replay guard u SSL renegotiation establishes a new key u Session ID allows for reuse of previously established session keys u Partial handshakes improve performance

22 Implementation issues u Netscape starts with an SSLv2 ClientHello u Requires an SSL renegotiation or a request to KCT for a nounce u Chose to renegotiate u SSLv3 ClientVerify uses master secret u Must reveal the secret to KCT u Requires an SSL renegotiation

23 Performance piece by piece u Components delays 1 handshake1.252 s 2 handshakes2.495 s TGT/KCT_TKT0.029 s KCT request0.255 s Partial handshake0.022 s

Download ppt "Kerberized Credential Translation Olga Kornievskaia Peter Honeyman Bill Doster Kevin Coffman Center for Information Technology Integration University of."

Similar presentations

Single Sign-On with GRID Certificates Ernest Artiaga (CERN – IT) GridPP 7 th Collaboration Meeting July 2003 July 2003.

Single Sign-On with GRID Certificates Ernest Artiaga (CERN – IT) GridPP 7 th Collaboration Meeting July 2003 July 2003.
SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.

SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.
Web security: SSL and TLS

Web security: SSL and TLS
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Lecture 6: Web security: SSL

Lecture 6: Web security: SSL
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security

Cryptography and Network Security
Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.

Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.

17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
1 SSL/TLS 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.

1 SSL/TLS 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.
COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?

COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?
December 2006Prof. Reuven Aviv, SSL1 Web Security with SSL Prof. Reuven Aviv Dept. of Computer Science Tel Hai Academic College.

December 2006Prof. Reuven Aviv, SSL1 Web Security with SSL Prof. Reuven Aviv Dept. of Computer Science Tel Hai Academic College.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
A Survey of WAP Security Architecture Neil Daswani

A Survey of WAP Security Architecture Neil Daswani
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Similar presentations

Ads by Google