Slide 1: CS470, A.Selcuk, Kerberos
CS 470 Introduction to Applied Cryptography
Instructor: Ali Aydin Selcuk

Slide 2: Kerberos
Cryptographic authentication for distributed systems
Based on symmetric-key authentication with a KDC
Requirements:
–Security
–Reliability
–Transparency
–Scalability

Slide 3: Kerberos (cont’d)
Advantages:
–secure authentication
–single sign-on
–secure data flow
Applications benefiting from Kerberos:
–telnet, ftp
–BSD rtools (rlogin, rsh, rcp)
–NFS
–Others (pine, eudora, etc.)

Slide 4: Kerberos Keys
Each “principal” shares a “master key” with the KDC
K_A: Alice’s master key. Used for initial authentication
S_A: Alice’s session key. Created after initial authentication, used instead of K_A
K_AB: Alice-Bob session key
“Ticket Granting Ticket” (TGT):
–issued to Alice by the KDC after login
–contains S_A encrypted with K_KDC
–used to obtain session key K_AB

Slide 5: Logging into the Network
(doesn’t protect against dictionary attacks with eavesdropping)
Alice → Alice’s terminal: Alice, pwd
Alice’s terminal → KDC: “Alice needs a TGT”
KDC → Alice’s terminal: K_A{S_A, TGT}

Slide 6: Logging into the Network (cont’d)
The workstation:
–converts Alice’s password into a DES key
–when it receives the credentials from the server, decrypts them using this DES key
–if they decrypt correctly, authentication is successful
–discards Alice’s master key; retains the TGT
The TGT contains all the information the KDC needs about Alice’s session; hence the KDC can work without remembering any volatile data.

Slide 7: Accessing a Remote Principal
Alice → Alice’s workstation: rlogin Bob
Alice’s workstation → KDC: “Alice”, “Bob”, TGT, S_A{timestamp}
KDC → Alice’s workstation: S_A{“Bob”, K_AB, K_B{“Alice”, K_AB}}
Alice’s workstation → Bob: K_B{“Alice”, K_AB}, K_AB{timestamp}
Bob → Alice’s workstation: K_AB{timestamp+1}
Afterwards, the traffic between Alice & Bob can be
–unprotected
–authenticated
–encrypted & authenticated
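The login exchange of slides 5 and 6 and the remote-principal exchange of slide 7, as an added stdlib-only Python simulation that is not part of the lecture and not real Kerberos code. The slides' DES encryption is replaced by a toy encrypt-then-MAC construction so the script runs offline; the password-to-key hash, the message field names, the 8-hour TGT lifetime, the 300 s clock-skew window and Bob's replay cache are all constructed assumptions, not values from the slides.

```python
import hashlib
import hmac
import json
import os
import time

NONCE_LEN, TAG_LEN, SKEW = 16, 32, 300  # constructed parameters: nonce/tag bytes, clock skew (s)

def password_to_key(password: str) -> bytes:
    """Stand-in for the password-to-DES-key step on slide 6 (toy: SHA-256, not DES)."""
    return hashlib.sha256(b"kerberos-toy|" + password.encode()).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def encrypt(key: bytes, obj: dict) -> bytes:
    """K{obj} in the slides' notation: toy encrypt-then-MAC, NOT DES and not for production."""
    pt = json.dumps(obj).encode()
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def decrypt(key: bytes, blob: bytes) -> dict:
    """Raises ValueError on a wrong key or a tampered blob; this is how 'decrypts correctly' is decided."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("decryption failed: wrong key or tampered message")
    return json.loads(bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct)))))

class KDC:
    def __init__(self):
        self.master_keys = {}        # principal -> master key (K_A, K_B, ...)
        self.k_kdc = os.urandom(32)  # K_KDC: only the KDC itself can open a TGT

    def register(self, name: str, password: str) -> None:
        self.master_keys[name] = password_to_key(password)

    def login(self, name: str) -> bytes:
        """'Alice needs a TGT' -> K_A{S_A, TGT}, where TGT = K_KDC{Alice, S_A, expiry}."""
        s_a = os.urandom(32)
        tgt = encrypt(self.k_kdc, {"principal": name, "session_key": s_a.hex(),
                                   "expires": int(time.time()) + 8 * 3600})
        return encrypt(self.master_keys[name], {"session_key": s_a.hex(), "tgt": tgt.hex()})

    def ticket_request(self, name: str, target: str, tgt: bytes, auth: bytes) -> bytes:
        """'Alice','Bob',TGT,S_A{ts} -> S_A{'Bob', K_AB, K_B{'Alice', K_AB}}; no per-user state kept."""
        state = decrypt(self.k_kdc, tgt)
        if state["principal"] != name or state["expires"] < time.time():
            raise ValueError("TGT is not this principal's or has expired")
        s_a = bytes.fromhex(state["session_key"])
        if abs(time.time() - decrypt(s_a, auth)["timestamp"]) > SKEW:
            raise ValueError("authenticator outside the allowed clock skew")
        k_ab = os.urandom(32)
        ticket = encrypt(self.master_keys[target], {"client": name, "session_key": k_ab.hex()})
        return encrypt(s_a, {"server": target, "session_key": k_ab.hex(), "ticket": ticket.hex()})

class Server:
    """Bob: holds only K_B, learns K_AB from the ticket and proves it by returning timestamp+1."""
    def __init__(self, password: str):
        self.k_b, self.seen, self.k_ab = password_to_key(password), set(), None

    def ap_req(self, ticket: bytes, auth: bytes) -> bytes:
        t = decrypt(self.k_b, ticket)
        k_ab = bytes.fromhex(t["session_key"])
        ts = decrypt(k_ab, auth)["timestamp"]
        if abs(time.time() - ts) > SKEW or (t["client"], ts) in self.seen:
            raise ValueError("stale or replayed authenticator")
        self.seen.add((t["client"], ts))  # replay cache covering the skew window (constructed)
        self.k_ab = k_ab
        return encrypt(k_ab, {"timestamp": ts + 1})

class Workstation:
    def __init__(self, kdc: KDC):
        self.kdc, self.name, self.s_a, self.tgt = kdc, None, None, None

    def login(self, name: str, password: str) -> None:
        creds = decrypt(password_to_key(password), self.kdc.login(name))  # wrong password -> ValueError
        self.name, self.s_a = name, bytes.fromhex(creds["session_key"])
        self.tgt = bytes.fromhex(creds["tgt"])  # K_A itself is discarded; only S_A and the TGT are kept

    def rlogin(self, target: str, server: Server) -> bytes:
        auth = encrypt(self.s_a, {"timestamp": int(time.time())})
        reply = decrypt(self.s_a, self.kdc.ticket_request(self.name, target, self.tgt, auth))
        k_ab, ts = bytes.fromhex(reply["session_key"]), int(time.time())
        resp = server.ap_req(bytes.fromhex(reply["ticket"]), encrypt(k_ab, {"timestamp": ts}))
        if decrypt(k_ab, resp)["timestamp"] != ts + 1:
            raise ValueError("server failed mutual authentication")
        return k_ab

def demo(alice_password: str = "correct horse") -> bool:
    """Full login + 'rlogin Bob' run; True when Alice's workstation and Bob hold the same K_AB."""
    kdc = KDC()
    kdc.register("Alice", alice_password)      # K_A derives from Alice's password
    kdc.register("Bob", "bob-service-secret")  # K_B shared between the KDC and Bob's host
    bob, ws = Server("bob-service-secret"), Workstation(kdc)
    ws.login("Alice", alice_password)
    return ws.rlogin("Bob", bob) == bob.k_ab

if __name__ == "__main__":
    print("Alice <-> Bob share K_AB:", demo())
```

Two properties from the slides are visible in the run: the workstation never stores K_A after login, and the KDC keeps no per-session state because everything it needs comes back inside the TGT, which the workstation cannot open (it is sealed under K_KDC). The slide-5 caveat also shows up directly: because the reply K_A{S_A, TGT} verifies only under the key derived from the password, the correctness of a password guess can be checked against a captured reply, which is why the v4 login does not resist offline dictionary attacks by an eavesdropper.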

Slide 8: Replicated KDCs
A single KDC would be
–a performance bottleneck
–a single point of failure
Have multiple replicas of the KDC, each with the database and the master key
Any replica can serve as the KDC for authentication
Only one KDC (the master copy) handles the additions & deletions of principals (for consistency)

Slide 9: Multiple Realms
KDC_A & KDC_B must have registered with each other
Chains longer than two KDCs not allowed (v4)
Alice → KDC_A: “Alice”, “KDC_B”
KDC_A → Alice: ticket to KDC_B
Alice → KDC_B: “Alice”, “Bob”
KDC_B → Alice: ticket to Bob
Alice → Bob: AP_REQ

Slide 10: Kerberos v5
Platform-independent coding (ASN.1)
Support for non-IP addresses
Support for non-DES encryption
Delegation of rights
Hierarchy of realms
Extended ticket lifetime
Has public-key extensions (e.g., SESAME, Win2000)
